Compress
ReviewAudited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
This skill appears safe to enable as an instruction-only compression aid. Use it for trusted, non-critical text, keep originals, review compressed prompts before reuse, and be careful with any optional local validation commands that could write sensitive facts to temporary files. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user compresses an unsafe or untrusted prompt and later uses the compressed version as an agent instruction, the unsafe instruction may still influence the agent.
The skill intentionally preserves imperative instructions when compressing system prompts. This is aligned with the stated purpose, but untrusted prompt text could remain operational if later reused as instructions.
## System Prompts **Strategy:** Instruction preservation - Keep all imperatives intact
Only compress trusted prompts for reuse as instructions, label compressed prompt text clearly, and review the result before placing it in a system or developer prompt.
Sensitive names, numbers, or other extracted facts could be left in local temporary files if the example commands are run as written.
The validation documentation includes optional shell-style examples that write extracted facts to predictable temporary files. This is not automatic behavior, but it matters if users run the commands on sensitive text.
extract_entities "$original" > /tmp/orig_ents extract_entities "$reconstructed" > /tmp/recon_ents diff /tmp/orig_ents /tmp/recon_ents
Treat these commands as examples only; avoid running them on sensitive content, or use controlled temporary paths and clean them up afterward.
A flawed compressed summary could cause future work to rely on missing or distorted information.
The skill describes persistent compressed bases and deltas for later reconstruction. Because the skill itself says compression is semantic rather than bit-perfect, omissions or mistakes could persist into later reused context.
v1: Full compression → store as base v2: Compress only delta from v1 v3: Compress only delta from v2 ... Reconstruction: base + delta1 + delta2 + ...
Keep the original text, validate compressed outputs before reuse, and avoid using this approach for safety-critical or high-stakes records.