ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Promptify Skill

v3.1.0

Optimize prompts for clarity and effectiveness. Use when user says "improve this prompt", "optimize my prompt", "make this clearer", or provides vague/unstructured prompts. Intelligently routes to sub-agents for codebase research, clarifying questions, or web search as needed.

6· 3.2k·16 current·17 all-time
by@tolibear
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (prompt optimization) align with declared behavior: clarifier, codebase research, and web research sub-agents are appropriate for improving prompts that reference projects, require clarification, or need current best practices. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md and agent docs instruct the agent to read project files (Glob/Grep/Read) when +deep is used and to perform web searches/fetches when +web is used. This is consistent with purpose, but +deep implies file-system reads of the codebase — ensure the agent's file access is scoped to the intended project directory and that users avoid including secrets in prompts.
Install Mechanism
No install spec and no code files — instruction-only skill (lowest install risk). README suggests typical install commands for external platforms but the skill package itself contains only docs.
Credentials
The skill requires no environment variables or credentials. The documented tools (AskUserQuestion, WebSearch, WebFetch, Glob/Grep/Read) are proportional to the described functions; no unexplained secret access is requested.
Persistence & Privilege
always:false and no special persistence requested. disable-model-invocation:false (agent may invoke autonomously) is the platform default and acceptable here — not combined with broad credentials or persistent system changes.
Assessment
This skill appears coherent and does what it says: optimize prompts, ask clarifying questions, read project files when you request +deep, and search the web when you request +web. Before installing or using it, consider: (1) If you use +deep, confirm the agent's file-access scope so it doesn't read unrelated system files or secrets in the repo. (2) Web search and WebFetch will contact external sites — avoid including sensitive data in prompts that will be sent externally. (3) The skill copies optimized prompts to the clipboard (pbcopy) — clipboard contents can be read by other local apps, so avoid copying secrets. (4) Review the host agent's tool permissions (AskUserQuestion, file-read, web access) and disable +deep/+web when not needed. If you want greater assurance, request the author provide explicit bounds for file-system access and a short manifest of what the web researcher will fetch.

Like a lobster shell, security has layers — review code before you run it.

latestvk9737qa79zakry339frhnhbegs805prn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments