Detector of prompt injection

v0.1.2

Detect prompt injection attacks and adversarial inputs in user text before passing it to your LLM. Use when you need to validate or screen user-provided text...

Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match the implementation: the helper scripts and SKILL.md send user text to an external detection API and require a single API key (PMTINSP_API_KEY). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions only describe sending input to the stated API, reading the declared PMTINSP_API_KEY (env var, CLI arg, or ~/.openclaw/.env), and formatting output. The SKILL.md examples include adversarial phrases (e.g., "Ignore all previous instructions") which are example inputs consistent with the product's purpose.
Install Mechanism
No install spec or external downloads. The included scripts use only standard-library modules and do not install third-party packages or fetch arbitrary code at install time.
Credentials
The skill requires only one environment variable (PMTINSP_API_KEY), which is appropriate for a hosted API client. The scripts optionally read ~/.openclaw/.env for that same variable — consistent with SKILL.md. No other secret-like env vars are requested.
Persistence & Privilege
always is false, the skill doesn't request persistent or elevated platform privileges, and it does not modify other skills or system-wide configs. It only reads its own expected config locations.
Scan Findings in Context
[ignore-previous-instructions] expected: The SKILL.md and examples intentionally include adversarial strings like "Ignore all previous instructions" to demonstrate the types of inputs the detector looks for. This appears to be illustrative, not an attempt to exfiltrate data or bypass checks.
Assessment
This skill appears to be what it claims: a thin client that sends text to promptinspector.io and returns a verdict. Before installing, verify you trust the Prompt Inspector provider and keep your PMTINSP_API_KEY secret (do not commit it to public repos). Be cautious when using the --base-url option or changing the API endpoint: pointing it to an untrusted server would forward user inputs (possibly sensitive) and the API key to that server. If you need on-premise processing for privacy, prefer a self-hosted instance you control and verify network traffic. Finally, rotate or scope the API key if you plan to use it in production.


Runtime requirements

🛡️ Clawdis
Env: PMTINSP_API_KEY
License: MIT-0

Prompt Inspector

Prompt Inspector is a production-grade API service that detects prompt injection attacks, jailbreak attempts, and adversarial manipulations in real time.

📖 For detailed product information, features, and threat categories, see references/product-info.md


Requirements

Provide your API key via either:

  • Environment variable: PMTINSP_API_KEY=your-api-key, or
  • ~/.openclaw/.env line: PMTINSP_API_KEY=your-api-key

Get your API key at promptinspector.io by creating an app.

Manage custom sensitive words in your dashboard at promptinspector.io.


Commands

Detect a single text (Python)

# Basic detection — prints verdict and score
python3 {baseDir}/scripts/detect.py --text "..."

# JSON output
python3 {baseDir}/scripts/detect.py --text "..." --format json

# Override API key inline
python3 {baseDir}/scripts/detect.py --api-key pi_xxx --text "..."

Detect a single text (Node.js)

# Basic detection
node {baseDir}/scripts/detect.js --text "..."

# JSON output
node {baseDir}/scripts/detect.js --text "..." --format json

# Override API key inline
node {baseDir}/scripts/detect.js --api-key pi_xxx --text "..."

Batch detection from a file (Python)

# Each line in the file is treated as one text to inspect
python3 {baseDir}/scripts/detect.py --file inputs.txt

# JSON output for automation
python3 {baseDir}/scripts/detect.py --file inputs.txt --format json

Output

Default (human-readable)

Request ID : a1b2c3d4-...
Is Safe    : False
Score      : 0.97
Category   : prompt_injection, jailbreak
Latency    : 34 ms

JSON (--format json)

{
  "request_id": "a1b2c3d4-...",
  "is_safe": false,
  "score": 0.97,
  "category": ["prompt_injection", "jailbreak"],
  "latency_ms": 34
}

Threat Categories

Prompt Inspector detects 10 threat categories:

  • instruction_override
  • asset_extraction
  • syntax_injection
  • jailbreak
  • response_forcing
  • euphemism_bypass
  • reconnaissance_probe
  • parameter_injection
  • encoded_payload
  • custom_sensitive_word

📖 For complete category descriptions, see references/product-info.md


API at a Glance

POST /api/v1/detect/sdk
Header: X-App-Key: <your-api-key>
Body:   {"input_text": "<text to inspect>"}

Response:

{
  "request_id": "string",
  "latency_ms": 34,
  "result": {
    "is_safe": false,
    "score": 0.97,
    "category": ["prompt_injection"]
  }
}

Full API reference: docs.promptinspector.io


Notes

  • Keep text under the limit for your plan tier. Very long inputs may be rejected with HTTP 413.
  • Use --format json when piping output to other tools.
  • For bulk workloads, batch requests with --file to minimise round-trip overhead.
  • Contact hello@promptinspector.io for enterprise plans and self-hosting support.
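
The request and response shapes from "API at a Glance", wrapped in a gate that fails closed, as an added example (not the skill's own scripts). It refuses to send the key to a non-HTTPS or non-allowlisted endpoint, which is the risk the assessment raises for --base-url, and blocks on HTTP 413, errors and malformed bodies. The host `api.example.invalid` and the names `build_request`, `decide` and `screen` are assumptions; the page does not state the API host.

```python
import json
import urllib.error
import urllib.request
from urllib.parse import urlsplit

# Assumption: placeholder host; replace with the endpoint you have verified.
ALLOWED_HOSTS = {"api.example.invalid"}


def build_request(base_url, api_key, text, allowed_hosts=ALLOWED_HOSTS):
    """Build the POST, refusing endpoints that would leak the key or the text."""
    parts = urlsplit(base_url)
    if parts.scheme != "https" or parts.hostname not in allowed_hosts:
        raise ValueError(f"refusing to send API key to {base_url!r}")
    body = json.dumps({"input_text": text}).encode("utf-8")
    return urllib.request.Request(
        base_url.rstrip("/") + "/api/v1/detect/sdk", data=body, method="POST",
        headers={"X-App-Key": api_key, "Content-Type": "application/json"})


def decide(status, raw_body):
    """Map HTTP status and body to (allow, reason); anything unexpected blocks."""
    if status == 413:
        return False, "input too long for plan tier"
    if status != 200:
        return False, f"detector returned HTTP {status}"
    try:
        result = json.loads(raw_body)["result"]  # verdict is nested under "result"
        is_safe = result["is_safe"]
        categories = [str(c) for c in result.get("category") or []]
    except (ValueError, KeyError, TypeError):
        return False, "malformed detector response"
    if not isinstance(is_safe, bool):
        return False, "malformed detector response"
    if not is_safe:
        return False, "flagged: " + ", ".join(categories or ["uncategorised"])
    return True, "clean"


def screen(base_url, api_key, text, timeout=5):
    """Send the text for inspection; network failures also block."""
    req = build_request(base_url, api_key, text)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return decide(resp.status, resp.read())
    except urllib.error.HTTPError as exc:
        return decide(exc.code, b"")
    except OSError:
        return False, "detector unreachable"
```

Note that the flattened JSON printed by `--format json` has no `result` wrapper, so `decide` treats it as malformed; it expects the raw API response.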
