warn
suspicious.prompt_injection_instructions
- Location
- reference/skillaudit.md:227
- Finding
- Prompt-injection style instruction pattern detected.
Aliyun ClawScan
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.prompt_injection_instructions
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
NoteHigh Confidence
ASI02: Tool Misuse and ExploitationWhat this means
When invoked, the skill may reveal OpenClaw configuration details and installed skill names in its report.
Why it was flagged
The skill directs the agent to run local OpenClaw audit and inventory commands. These are disclosed and aligned with the audit purpose, but they do inspect the user's OpenClaw setup.
Skill content
openclaw security audit --deep ... openclaw skills list
Recommendation
Use it when you intend to perform a local security audit, and approve only the documented read/audit commands.
NoteHigh Confidence
ASI01: Agent Goal HijackWhat this means
Automated scanners may flag the wording, but the visible context is defensive documentation.
Why it was flagged
The prompt-injection phrase appears inside a detection-pattern reference for finding unsafe skills, not as a hidden directive to control this agent.
Skill content
Direct Patterns: ignore previous instructions
Recommendation
Treat these phrases as examples only; do not execute or obey any sample malicious instructions found during audits.
NoteHigh Confidence
ASI04: Agentic Supply Chain VulnerabilitiesWhat this means
Users cannot fully verify provenance from the supplied metadata alone.
Why it was flagged
The registry metadata does not identify a concrete source package or repository for the submitted artifact, although the skill is instruction-only and has no install code.
Skill content
Source: unknown
Recommendation
If publisher identity matters, verify the registry owner and homepage before relying on the Alibaba Cloud branding.