Prompt injection instructions
Warn
- Finding
- Prompt-injection style instruction pattern detected.
Cpr Conversational Pattern Restoration
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.
Install this only if you want the agent's conversational style changed at prompt level. Review the exact system-prompt block, start with the minimal tier, avoid extended persistence unless needed, and make sure any drift logs or state files can be inspected and removed. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.
Static analysis
Prompt injection instructions
Warn
- Finding
- Prompt-injection style instruction pattern detected.
Prompt injection instructions
Warn
- Finding
- Prompt-injection style instruction pattern detected.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
What this means
The agent may become drier, shorter, or less conventionally supportive in all conversations where this prompt is active.
Why it was flagged
The skill tells the agent to filter every response for tone and remove or rewrite certain conversational patterns, which can shape behavior across unrelated tasks.
Skill content
Pre-Send Gate (Apply Every Message) ... Before sending, pass EVERY response through this filter.
Recommendation
Use the tiered setup, tailor the baseline to your actual needs, and avoid applying it globally if only some conversations need this style.
What this means
If enabled, the agent may adjust its tone without asking at each correction point, though the behavior is limited to conversational drift control in the provided artifacts.
Why it was flagged
The extended mode describes autonomous, silent self-monitoring and correction during long-running sessions.
Skill content
After every 10th message, silently audit your last 10 responses ... Do NOT announce the correction to user — just do it
Recommendation
Enable the extended monitor only for persistent agents that need it, and document for users that periodic style self-correction is active.
What this means
Style-monitoring state or logs could persist across turns or sessions and influence later replies.
Why it was flagged
The skill suggests persistent conversational state so drift controls survive context compaction, which can influence future behavior and may retain conversation-derived metadata.
Skill content
Maintain a persistent state file (DRIFT_MONITOR_STATE.json) that survives compaction
Recommendation
Keep any drift state minimal, inspectable, local, and easy to delete; avoid storing full conversation text or sensitive user content.