ClawHub

Prompt Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a local prompt-improvement assistant that stores prompt history and saved prompts on the user's machine, with no artifact evidence of network access or hidden behavior.

Install if you want a local prompt optimization and prompt-library helper. Do not save API keys, passwords, private customer data, or proprietary prompts unless you are comfortable with them being retained under ~/.openclaw/prompt-optimizer/; delete that directory if you later want to remove the saved library and history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The activation description is extremely broad and includes common phrases like 'help', 'better prompt', and 'get better results', which increases the chance the skill will trigger in unrelated conversations. Over-broad invocation can cause the agent to read or write local prompt-history data when the user did not intend to use this skill, creating unnecessary exposure of sensitive prompt content and confusing behavior.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The listed activation phrases include several generic expressions such as 'fix prompt', 'system prompt', 'prompt tips', and 'why bad response', which are broad enough to match ordinary requests outside the intended scope. This creates accidental invocation risk and can lead to unintended file access or persistence operations under the skill's local storage model.

Vague Triggers

Low
Confidence
91% confidence
Finding
A bare 'help' command is too generic and may match routine user requests that have nothing to do with prompt optimization. While lower impact than the broader activation text, it still increases accidental routing into this skill and could expose or modify local state if the user continues interacting under the wrong skill context.

Ssd 3

Medium
Confidence
96% confidence
Finding
The skill explicitly stores prompt content, library entries, and optimization history locally, and prompts can easily contain API keys, proprietary text, personal data, or internal instructions. Even without network exfiltration, persistent storage of sensitive user inputs increases the blast radius of local compromise, accidental reuse, or unauthorized access by other local processes/users.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal