Prompt injection instructions
Warn
- Finding
- Prompt-injection style instruction pattern detected.
Research Assistant
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
This looks safe to install as an instruction-only research framework. Before using it, decide where the research/ folder should live, avoid storing confidential research unless intended, and review any automated monitoring or multi-agent sharing setup before enabling it. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
Static analysis
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
What this means
Your agent may keep following this research workflow in future research tasks until you remove or edit the added instructions.
Why it was flagged
The skill asks the user to place its protocol into persistent agent instructions. That is expected for an instruction-only skill, but it can affect future agent behavior.
Skill content
Add to your `AGENTS.md`, `SOUL.md`, or system prompt:
Recommendation
Add only the scoped research protocol you want, keep it under a clear heading, and remove it if you no longer want persistent research behavior.
What this means
Old or low-quality research notes may influence later work if the agent treats them as authoritative.
Why it was flagged
The skill intentionally creates persistent research memory. This is useful for the stated purpose, but stored research can be reused later and may contain outdated, sensitive, or poisoned information from web sources.
Skill content
**Research Library** — Organized storage for findings that persists across sessions
Recommendation
Keep research files in a known folder, review sensitive briefs before saving, and periodically prune or mark outdated research.
What this means
If enabled, the agent could create new research briefs or alerts based on trigger conditions without a fresh manual prompt each time.
Why it was flagged
The advanced patterns describe optional automated research triggers. No scheduler or background code is included, so this is not hidden persistence, but it could lead to autonomous research actions if the user implements it.
Skill content
Set up conditions that automatically kick off research
Recommendation
Use automatic triggers only with clear conditions, notification rules, and review points before acting on the results.
What this means
Research files or handoff notes could be shared with other agents or collaborators if you adopt the collaborative workflow.
Why it was flagged
The skill includes a collaborative, multi-agent research pattern. This is disclosed and optional, but sharing handoffs between agents can expose research context if boundaries are not controlled.
Skill content
Split research across specialized agents
Recommendation
Share only the files needed for collaboration and avoid including private or confidential material in handoff documents unless all recipients are trusted.