ClawHub

Promptguard

v0.1.1

Detect prompt injection attacks in text. Returns risk score and detected patterns.

0· 132·0 current·0 all-time
by@mirni

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for mirni/promptguard.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Promptguard" (mirni/promptguard) from ClawHub.
Skill page: https://clawhub.ai/mirni/promptguard
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install promptguard

ClawHub CLI

Package manager switcher

npx clawhub@latest install promptguard
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, required binaries (python), declared Python packages, and the included source code all match a simple local prompt-injection detector. Nothing in the files indicates unrelated capabilities (cloud access, system configuration, or secrets handling).
Instruction Scope
SKILL.md instructs to install FastAPI/uvicorn/pydantic, run uvicorn to start the server, and POST text to /v1/scan. The code implements exactly that endpoint and only inspects the provided text; it does not read files, environment variables, or external endpoints.
Install Mechanism
The declared packages are standard PyPI packages (fastapi, uvicorn, pydantic), which is appropriate. The install 'kind' is listed as 'uv' in metadata (unusual/ambiguous), but the SKILL.md shows pip instructions and the code is pure Python — this looks low risk but you may want to confirm how your platform's installer resolves 'uv'.
Credentials
No environment variables, credentials, or config paths are requested. The skill does not attempt to access unrelated secrets or system config.
Persistence & Privilege
always is false and the skill does not try to modify other skills or system-wide settings. It runs as a local HTTP service and requires explicit startup; it does not persist elevated privileges.
Assessment
This skill appears to be a straightforward, local prompt-injection scanner. Before installing: (1) confirm how your platform implements the install 'uv' step (ensure it installs from trusted PyPI sources); (2) don't expose the server publicly without authentication because the provided service accepts arbitrary text and has no auth built in; (3) keep dependencies up to date and run in an isolated environment if you are concerned about supply-chain risk; (4) test with representative inputs to validate detection coverage and false positives/negatives for your use case.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binspython

Install

uv
latestvk97bfa0rtfd14vgb7vqs58q6e184stq1
132downloads
0stars
2versions
Updated 2w ago
v0.1.1
MIT-0
@mirni
latest
Download

PromptGuard

A security API that scans text for common prompt injection patterns and returns a risk score. Designed for AI agents that process untrusted text input from external sources.

What It Detects

  • Instruction override attempts
  • HTML comment injection
  • Zero-width unicode characters
  • Delimiter-based attacks
  • Role switching tokens
  • System prompt extraction attempts

Installation

pip install fastapi uvicorn pydantic

Usage

Start the server:

uvicorn promptguard.app:app --port 8000

Then send a POST request:

curl -X POST http://localhost:8000/v1/scan \
  -H "Content-Type: application/json" \
  -d '{"text": "What is the weather in London today?"}'

Response (clean text):

{
  "risk_score": "0",
  "patterns_detected": [],
  "input_length": 38
}

Request

FieldTypeRequiredDescription
textstringyesText to scan (1-100,000 chars)

Response

FieldTypeDescription
risk_scoredecimal0.0 (safe) to 1.0 (high risk)
patterns_detectedlistNames of detected patterns
input_lengthintegerLength of input text

Comments

Loading comments...