warn
suspicious.prompt_injection_instructions
- Location
- SKILL.md:52
- Finding
- Prompt-injection style instruction pattern detected.
TRPG Session
AdvisoryAudited by Static analysis on May 10, 2026.
Overview
Detected: suspicious.prompt_injection_instructions
Findings (1)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
What this means
A PC agent may be able to access another character's secrets or DM-only material, spoiling private game information.
Why it was flagged
The skill promises private character boundaries, but the sample agent definitions place DM and PC agents in the same campaign workspace. Without explicit file or retrieval isolation elsewhere, private campaign files could be visible across agents.
Skill content
`character secrets stay private` ... DM/PC examples both use `workspace: ~/.openclaw/trpg/<campaign-slug>`
Recommendation
Use separate workspaces or retrieval scopes for shared rules/lore, DM-only notes, and each PC. Do not store secrets in the shared campaign root unless OpenClaw access controls are explicitly configured.
What this means
If the trigger is misconfigured, agents could respond more broadly than intended in a group chat.
Why it was flagged
The skill documents persistent agents connected to a Discord channel. The `mentionOnly: true` setting is a meaningful scope control, but users still need to ensure agents are only active in the intended campaign channel.
Skill content
`triggers: - pattern: ".*" ... channels: ["discord:#<campaign-channel>"] ... mentionOnly: true`
Recommendation
Keep `mentionOnly: true`, use a dedicated campaign channel, and disable or remove campaign agents when the campaign ends.
What this means
Incorrect session summaries or character updates could persist into future sessions.
Why it was flagged
The DM agent is instructed to modify campaign files at session end. This is purpose-aligned and scoped to game files, but it can still overwrite or incorrectly update persistent campaign state.
Skill content
`End session.` ... `Write a session summary to sessions/session-NNN.md` ... `Update character states (HP, inventory, conditions)`
Recommendation
Review generated session logs and character-state changes, and keep backups for important campaigns.