Promptify Skill
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: promptify
Version: 3.1.0

The skill is classified as suspicious due to the explicit instruction for the AI agent to execute shell commands with broad file system access and direct command execution capabilities. Specifically, `agents/codebase-researcher.md` and `commands/promptify.md` instruct the agent to use `Glob`, `Grep`, `Read`, and `LS` for 'codebase exploration', granting extensive read access to the file system. Additionally, `SKILL.md` and `commands/promptify.md` instruct the agent to execute `echo 'PROMPT' | pbcopy`, which is a direct command execution using agent-generated content. While these actions are presented as part of the skill's stated purpose (prompt optimization and codebase research), they represent high-risk capabilities that could be leveraged for unauthorized data access or command injection if the agent's behavior is subverted.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used on a private project, relevant file names and file contents may be read by the agent to improve the prompt.
The skill can inspect local project structure and read relevant files during codebase research. This is disclosed and aligned with optimizing project-specific prompts, but it gives the agent access to local code context.
Use Glob and LS to understand... Use Grep and Read to find...
Use +deep or codebase auto-detection only in projects you are comfortable sharing with the agent, and review the announced research scope.
Sensitive project names, internal APIs, or private details included in a prompt could become part of web-search queries if web research is used.
The skill may send prompt-derived topics to web search/fetch tools. This is disclosed and purpose-aligned for current best practices, but it can expose search terms derived from the user's prompt to external web tooling.
Use WebSearch for: "[technology] best practices 2025"... Use WebFetch - Retrieve specific documentation pages
Do not use +web, or remove sensitive identifiers first, when the prompt contains confidential information.
Running a generated clipboard command without checking it could fail or behave unexpectedly if the prompt text is not safely quoted.
The skill asks the agent to output a shell command for copying the optimized prompt to the clipboard. It is not instructed to execute the command automatically, but users should inspect any generated shell snippet before running it, especially if the prompt contains quotes or shell metacharacters.
2. `echo 'PROMPT' | pbcopy`
Prefer copying the prompt directly, or inspect and safely quote any generated pbcopy command before running it.
