prompt-engineer-toolkit
PassAudited by ClawScan on May 1, 2026.
Overview
This prompt-engineering toolkit appears coherent and benign, with the main cautions that an optional runner can execute a user-provided local command and prompt versions are saved on disk.
This skill is reasonable to install if you want local prompt testing and versioning. Before using it, review any external runner command you pass, avoid running untrusted prompt/test data through privileged CLIs, and treat the local prompt history file as potentially sensitive.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you provide an unsafe runner command or test untrusted prompt/case content, the command may make local CLI calls or use whatever access that CLI already has.
The tester can execute a user-supplied local command after inserting prompt and test-case input. This is disclosed and purpose-aligned for running an LLM CLI, but it is still a broad execution capability.
parser.add_argument("--runner-cmd", help="External command template, e.g. 'llm --prompt {prompt} --input {input}'.") ... proc = subprocess.run(parts, text=True, capture_output=True, check=True)Use only trusted runner commands, review test cases and prompt files before running them, and prefer scoped LLM CLI profiles or sandboxed environments for experiments.
Private campaign prompts, product details, or other sensitive text included in prompts can remain on disk and appear in future lists or diffs.
The versioner stores full prompt content and metadata in a persistent local JSONL file. This is expected for versioning, but prompt history can retain sensitive or proprietary text.
parser.add_argument("--store", default=".prompt_versions.jsonl", help="JSONL history file path.") ... prompt: str ... path.write_text(payload + ("\n" if payload else ""), encoding="utf-8")Keep the store in a private location, avoid putting secrets in prompts, consider adding the store file to .gitignore, and delete or protect old histories when no longer needed.