Prompt Engineering Mastery
v3.0.0Convert vague instructions into clear AI prompts using structures, techniques, and templates for reliable, precise, and measurable outputs.
⭐ 0· 660·1 current·1 all-time
by@1kalin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (prompt engineering) match the provided materials. It's an instruction-only skill with no binaries, env vars, or installs requested, which is proportionate to a teaching/template skill.
Instruction Scope
The SKILL.md is extensive and stays focused on prompt architecture, templates, tests and techniques. However, the scanner detected prompt-injection patterns (e.g., 'ignore-previous-instructions') in the document. A prompt-engineering guide may legitimately discuss injection and defenses, but including constructs that teach or encourage ignoring system instructions or bypassing guardrails increases risk because they can be used to subvert model safety. There are no explicit instructions in the manifest to read system files or env vars, but the presence of injection phrases is notable and warrants manual review of the full content to determine intent and context (defensive vs. offensive).
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest-risk install surface (nothing is written to disk by the skill itself).
Credentials
The skill requests no environment variables, credentials, or config paths. There are no disproportionate credential requests.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). The skill does not request persistent/system-wide changes or special privileges.
Scan Findings in Context
[ignore-previous-instructions] expected: A prompt-engineering guide may mention this string when explaining prompt injection and defenses, so its presence can be expected. However, it is risky if presented as a tactic to be used to bypass system or safety instructions rather than as an example to detect/defend against. Manual review needed to confirm context and intent.
What to consider before installing
This skill appears to do what it says (teaches prompt engineering) and doesn't request credentials or install code, which is good. However, the SKILL.md contains prompt-injection phrasing that could teach agents to ignore system instructions or bypass safeguards. Before installing or enabling it for autonomous use: (1) manually read the SKILL.md and search for phrases like 'ignore previous instructions', 'bypass', or explicit steps to override system prompts — confirm they are described defensively (how to detect/mitigate) rather than as tactics to use; (2) if you will allow autonomous invocation, avoid granting the skill any credentials or access to sensitive data; (3) consider running it in a restricted or test environment first; (4) if you find offensive/bypass instructions, remove or sanitize those sections before use. If you want, I can scan the full SKILL.md and point to exact lines that look like bypass instructions or otherwise risky guidance.Like a lobster shell, security has layers — review code before you run it.
AIvk974nwq9xzz16b93tzt9vfd2cd81kw4mClaudevk974nwq9xzz16b93tzt9vfd2cd81kw4mGPTvk974nwq9xzz16b93tzt9vfd2cd81kw4mLLMvk974nwq9xzz16b93tzt9vfd2cd81kw4magentvk975bhstqzdy2akv4ezz3mb5ed81phbmaivk975bhstqzdy2akv4ezz3mb5ed81phbmengineeringvk97b9mfnsbntwgcr7kk8e17pz981n9bhlatestvk975bhstqzdy2akv4ezz3mb5ed81phbmllmvk975bhstqzdy2akv4ezz3mb5ed81phbmoptimizationvk975bhstqzdy2akv4ezz3mb5ed81phbmpromptvk975bhstqzdy2akv4ezz3mb5ed81phbmprompt engineeringvk975bhstqzdy2akv4ezz3mb5ed81phbmpromptingvk974nwq9xzz16b93tzt9vfd2cd81kw4msystem promptvk975bhstqzdy2akv4ezz3mb5ed81phbmtemplatesvk970hqedr8115enmfyr7adpex581dn9r
License
MIT-0
Free to use, modify, and redistribute. No attribution required.