ClawHub

Detector of prompt injection

Security checks across static analysis, malware telemetry, and agentic risk

Overview

Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions); human review is required before treating this skill as clean.

Before installing, confirm you are comfortable sending inspected text to promptinspector.io or your chosen self-hosted endpoint. Store PMTINSP_API_KEY securely, avoid inline API-key arguments, and only run batch inspection on files whose contents you intend to submit. ClawScan detected prompt-injection indicators (ignore-previous-instructions), so this skill requires review even though the model response was benign.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#ASI07: Insecure Inter-Agent Communication
Low
What this means

Any text you inspect, including file lines in batch mode, may be received and processed by Prompt Inspector or a configured self-hosted endpoint.

Why it was flagged

The skill clearly discloses that inspected text is sent to an API endpoint with the user’s API key. This is purpose-aligned, but it means submitted prompts or batch inputs leave the local environment.

Skill content
POST /api/v1/detect/sdk ... Header: X-App-Key: <your-api-key> ... Body: {"input_text": "<text to inspect>"}
Recommendation

Only inspect content you are allowed to share with that service; review the provider’s data-retention/privacy terms, and use a trusted self-hosted endpoint for sensitive workloads.

#ASI03: Identity and Privilege Abuse
Low
What this means

If the API key is exposed, someone else could make requests against your Prompt Inspector account or quota.

Why it was flagged

The helper resolves a Prompt Inspector API key from command-line arguments, environment variables, or a persistent OpenClaw .env file. This is expected for the service, but the key is a credential.

Skill content
if cli_key: return cli_key ... env_key = os.environ.get("PMTINSP_API_KEY") ... dotenv_path = Path.home() / ".openclaw" / ".env"
Recommendation

Prefer an environment variable or a permission-restricted .env file; avoid passing real API keys inline on the command line where shell history or process listings may expose them.