agiza_agents
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (ignore-previous-instructions, you-are-now); human review is required before treating this skill as clean.
This appears to be a large, advanced engineering toolkit rather than a single narrow skill. Install and use only if you trust the publisher, load only the sub-skill you need, review helper scripts before running them, and be careful when scanning repositories that may contain real secrets or private infrastructure details. ClawScan detected prompt-injection indicators (ignore-previous-instructions, you-are-now), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the command would fetch and install code from outside the registry context.
The skill documents a user-run remote install command through npx/GitHub while the registry source is listed as unknown and there is no install spec. This is user-directed and purpose-aligned, but provenance should be checked.
npx agent-skills-cli add alirezarezvani/claude-skills/engineering
Only run the npx install command if you trust the package and repository; prefer reviewing or pinning versions before installation.
The helper scripts can read local project files and produce analysis reports when the user or agent runs them.
The sub-skill instructs users to run bundled Python helper scripts against a chosen Terraform directory. This is expected for the stated analyzer/scanner purpose, but it is still local code execution.
python3 scripts/tf_module_analyzer.py ./terraform
Run helper scripts only from trusted skill copies and against directories you intend to analyze.
Secrets present in scanned project files could appear in the agent context or generated reports.
The Terraform security workflow is designed to inspect code for secrets and IAM issues. This is purpose-aligned, but scanned files may contain credential material.
Audit Terraform code for security vulnerabilities, secrets exposure, and IAM misconfigurations
Scan only intended repositories, avoid sharing generated reports publicly, and redact any real secrets found.
If loaded carelessly, example attack strings may appear in model context, but the artifact labels them as threats to detect.
Prompt-injection phrases appear as documented examples in a security-auditor skill, not as instructions to the evaluator or user agent.
| **System prompt override** | "Ignore previous instructions", "You are now..." | 🔴 CRITICAL |
Treat these phrases only as examples; load the security-auditor sub-skill only when doing security review work.