Detector of prompt injection

v0.1.2

Detect prompt injection attacks and adversarial inputs in user text before passing it to your LLM. Use when you need to validate or screen user-provided text...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the implementation: the helper scripts and SKILL.md send user text to an external detection API and require a single API key (PMTINSP_API_KEY). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions only describe sending input to the stated API, reading the declared PMTINSP_API_KEY (env var, CLI arg, or ~/.openclaw/.env), and formatting output. The SKILL.md examples include adversarial phrases (e.g., "Ignore all previous instructions") which are example inputs consistent with the product's purpose.
Install Mechanism
No install spec or external downloads. The included scripts use only standard-library modules and do not install third-party packages or fetch arbitrary code at install time.
Credentials
The skill requires only one environment variable (PMTINSP_API_KEY), which is appropriate for a hosted API client. The scripts optionally read ~/.openclaw/.env for that same variable — consistent with SKILL.md. No other secret-like env vars are requested.
Persistence & Privilege
always is false, the skill doesn't request persistent or elevated platform privileges, and it does not modify other skills or system-wide configs. It only reads its own expected config locations.
Scan Findings in Context
[ignore-previous-instructions] expected: The SKILL.md and examples intentionally include adversarial strings like "Ignore all previous instructions" to demonstrate the types of inputs the detector looks for. This appears to be illustrative, not an attempt to exfiltrate data or bypass checks.
Assessment
This skill appears to be what it claims: a thin client that sends text to promptinspector.io and returns a verdict. Before installing, verify you trust the Prompt Inspector provider and keep your PMTINSP_API_KEY secret (do not commit it to public repos). Be cautious when using the --base-url option or changing the API endpoint: pointing it to an untrusted server would forward user inputs (possibly sensitive) and the API key to that server. If you need on-premise processing for privacy, prefer a self-hosted instance you control and verify network traffic. Finally, rotate or scope the API key if you plan to use it in production.


Runtime requirements

🛡️ Clawdis
Env: PMTINSP_API_KEY
