ClawHub

Gws Modelarmor Sanitize Prompt

Google Model Armor: Sanitize a user prompt through a Model Armor template.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 137 · 9 current installs · 9 all-time installs
by@googleworkspace-bot
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the runtime instructions: the SKILL.md simply invokes 'gws modelarmor +sanitize-prompt' and requires the 'gws' binary. Requiring the gws CLI is proportionate for a wrapper around Google Model Armor functionality.
Instruction Scope
Instructions are narrow and only describe calling the gws CLI and reading stdin/flags. They refer to a sibling file '../gws-shared/SKILL.md' for auth/global flags/security rules; that external dependency is expected but means behavior (auth, where data is sent, logging) depends on that other SKILL.md which is not included here.
Install Mechanism
No install spec and no code files — lowest risk. The skill relies on an existing 'gws' binary; nothing is downloaded or written by the skill itself.
Credentials
The skill declares no env vars or credentials itself, which is reasonable because the gws CLI likely handles auth. Because auth is delegated to '../gws-shared/SKILL.md' or the gws environment, you should review that shared config to confirm which credentials will be used and whether they are appropriate for prompt sanitization.
Persistence & Privilege
The skill does not request always:true and is user-invocable. It does not modify other skills or request system-wide persistence.
Assessment
This is an instruction-only skill that just calls the external 'gws' CLI to sanitize prompts. Before installing, verify you trust the 'gws' binary on your system and inspect ../gws-shared/SKILL.md (or your gws auth configuration) to see which credentials and endpoints will be used and whether any automatic config generation (gws generate-skills) would write files you don't expect. Avoid sending highly sensitive secrets to the sanitizer unless you confirm the Model Armor template and gws configuration handle data the way you intend.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
Plugin bundle (nix)
Skill pack · CLI binary · Config
SKILL.mdCLIConfig
CLI help (from plugin)
gws modelarmor +sanitize-prompt --help
latestvk977pyzbvw03xmqrwakse52kb982a1jr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsgws

SKILL.md

modelarmor +sanitize-prompt

PREREQUISITE: Read ../gws-shared/SKILL.md for auth, global flags, and security rules. If missing, run gws generate-skills to create it.

Sanitize a user prompt through a Model Armor template

Usage

gws modelarmor +sanitize-prompt --template <NAME>

Flags

FlagRequiredDefaultDescription
--templateFull template resource name (projects/PROJECT/locations/LOCATION/templates/TEMPLATE)
--textText content to sanitize
--jsonFull JSON request body (overrides --text)

Examples

gws modelarmor +sanitize-prompt --template projects/P/locations/L/templates/T --text 'user input'
echo 'prompt' | gws modelarmor +sanitize-prompt --template ...

Tips

  • If neither --text nor --json is given, reads from stdin.
  • For outbound safety, use +sanitize-response instead.

See Also

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…