Prompt Hardening

v1.0.0

Hardens agent prompts, system prompts, SOUL.md, AGENTS.md, and cron prompts so that the LLM reliably follows instructions. Trigger words: agent not obeying, ignoring rules, bypassing constraints, prompt optimization, instruction compliance, rule reinforcement, prompt hardening, LLM non-compliance, model violations, creative circumve...

by_silhouette@lanyasheng
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
The name, description, SKILL.md, patterns, and scripts all align with 'prompt hardening' and provide audit/checklist functionality. The included scripts and references are relevant. Minor oddity: tests/test_smoke.py asserts a hard-coded local path (/Users/sly/.openclaw/skills/...), which is unrelated to functionality and likely an auto-generated or environment-specific artifact that should be removed or adjusted.
Instruction Scope
SKILL.md is primarily advisory and instructs reading target prompt files and running scripts/audits. It explicitly states it will not automatically modify targets and requires operator action to apply changes. One ambiguity: it recommends '识别模型历史违反过的规则' (identify historical violations) but does not specify where to obtain conversation history — ensure the operator does not grant the skill access to unrelated logs or private transcripts unless intended.
Install Mechanism
No install spec and no third-party downloads — the skill is instruction-heavy with a small local audit shell script and docs. This is low-risk from an installation/execution perspective. audit.sh merely reads a prompt file and checks for keywords.
Credentials
The skill requests no environment variables, credentials, or config paths. The only potential concern is that references/sources.md cites a repository described as 'leaked system prompts' — this is a content provenance/ethical/legal concern, not a credential request.
Persistence & Privilege
Flags are default (always:false, user-invocable:true). The skill does not request persistent presence or elevated platform privileges and the SKILL.md warns that changes should be applied manually or via another executor skill.
Assessment
This skill appears to be what it claims: an advisory/audit toolkit for hardening prompts. Before installing or running it:
1) Inspect and remove or fix tests/test_smoke.py (it checks a hard-coded /Users/sly path which is environment-specific and should not be required).
2) Run scripts/audit.sh only on copies of your prompt files to avoid accidental edits; the script only greps content, but verify its behavior locally.
3) Clarify where the 'model historical violations' data comes from; do not grant the skill access to conversation logs, secrets, or other unrelated data unless you intend to.
4) Review references/sources.md: it cites 'leaked system prompts', and using such material may have legal or ethical implications; vet the sources and licensing.
5) For critical enforcement (safety, code execution, or privileged actions), follow the SKILL.md guidance to pair prompt hardening with code-level (tool/hook) enforcement rather than relying on prompts alone.


latest: vk970earrh2m357x4qk36svkeg584ady7
