Openclaw Prompt Shield

The openclaw-prompt-shield skill is a defensive security tool designed to detect and sanitize prompt-injection and data-exfiltration attempts in agent inputs. While the bundle contains numerous high-risk keywords and exfiltration host signatures (e.g., 'webhook.site', 'ngrok' in references/exfil-hosts.txt), these are used exclusively as detection patterns for the scanning engine in scripts/_patterns.py and scripts/_core.py. The code is well-documented, uses only the Python standard library, lacks any network-capable modules, and implements strict path validation to prevent shell injection, confirming its intent is purely protective.