PromptDome

Integrate PromptDome prompt injection screening into OpenClaw. Use when setting up automatic protection against prompt injection, jailbreaks, and PII exfiltr...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
by Vince @tschew72
Security Scan
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description match implementation: hook auto-scans incoming messages and a plugin exposes promptdome_scan. Required binaries (curl, python3, openclaw) and PROMPTDOME_API_KEY are appropriate for contacting the external PromptDome API.
Instruction Scope
SKILL.md and setup.sh instruct the agent to copy hook and plugin files into ~/.openclaw, enable the hook, and persist the API key in openclaw.json. The handler and plugin both send message text to the PromptDome API (expected), and the handler writes a preview (up to 80 characters) of messages to ~/.openclaw/logs/promptdome-gate.log (this logs potentially sensitive content).
Install Mechanism
No remote code downloads or extract operations; install is instruction-only and the provided setup.sh copies local files into ~/.openclaw. The runtime does contact the external API endpoint (promptdome.cyberforge.one) which is expected for the service.
Credentials
Only PROMPTDOME_API_KEY (and optional PROMPTDOME_API_URL) are required — proportionate to purpose. However, the key is persisted in openclaw.json in plaintext by the setup script and used as a bearer token when sending message content to the third-party API; you should treat this credential as sensitive.
Persistence & Privilege
always:false and the skill does not request elevated platform privileges. The setup script enables the hook and writes to the agent's config (openclaw.json) and to ~/.openclaw/logs, which is reasonable for a plugin of this nature.
Assessment
This skill appears to implement what it advertises, but installation will cause your incoming messages to be sent to a third-party API (https://promptdome.cyberforge.one by default). The setup script stores your PROMPTDOME_API_KEY in ~/.openclaw/openclaw.json and the hook writes short message previews to ~/.openclaw/logs/promptdome-gate.log — both may contain sensitive information. Before installing: (1) confirm you trust the PromptDome service and review its privacy/data-retention policy, (2) avoid enabling this on agents that handle highly sensitive or regulated data unless you self-host the endpoint (PROMPTDOME_API_URL override), (3) consider rotating the API key and restricting access to openclaw.json, (4) test on non-sensitive data first, and (5) only allow the promptdome_scan tool to agents you explicitly trust (use the tool allowlist).

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.3.1

Runtime requirements

Bins: curl, python3, openclaw
Env: PROMPTDOME_API_KEY

SKILL.md

PromptDome × OpenClaw

API key required — Get yours free at https://promptdome.cyberforge.one/dashboard/api-keys (Sign up → Dashboard → API Keys → Create Key)

Adds automatic prompt injection detection to any OpenClaw agent. Two components work together:

| Component | What it does | When it fires |
|---|---|---|
| promptdome-gate hook | Auto-scans every incoming message; injects ⚠️ warning if injection detected | Every message:received — zero agent code required |
| promptdome_scan tool | Explicit scan agent can call on any content | On demand — web content, files, tool outputs |

Quick Setup (60 seconds)

bash skills/promptdome/scripts/setup.sh --api-key sk_shield_live_YOUR_KEY

That's it. The script:

  1. Tests your API key against the PromptDome API
  2. Installs promptdome-gate hook → ~/.openclaw/hooks/promptdome-gate/
  3. Installs promptdome_scan plugin → ~/.openclaw/extensions/promptdome/
  4. Saves API key to openclaw.json env block
  5. Enables the hook automatically
  6. Prompts you to restart the gateway

Get an API key: https://promptdome.cyberforge.one/dashboard/api-keys


Manual Setup

1. Copy files

# Hook (auto-scanning)
mkdir -p ~/.openclaw/hooks/promptdome-gate
cp skills/promptdome/hook/HOOK.md   ~/.openclaw/hooks/promptdome-gate/
cp skills/promptdome/hook/handler.ts ~/.openclaw/hooks/promptdome-gate/

# Plugin (explicit tool)
mkdir -p ~/.openclaw/extensions/promptdome
cp skills/promptdome/plugin/index.ts ~/.openclaw/extensions/promptdome/

2. Set API key

Add to ~/.openclaw/openclaw.json:

{
  "env": {
    "PROMPTDOME_API_KEY": "sk_shield_live_YOUR_KEY"
  }
}

Or set PROMPTDOME_API_KEY in your shell environment.

3. Enable hook and restart

openclaw hooks enable promptdome-gate
openclaw gateway restart

What Happens After Install

  • Every incoming message → scanned automatically before the model processes it
  • BLOCK (score ≥ 70): [PROMPTDOME BLOCK] warning injected into conversation
  • WARN (score ≥ 40): Soft caution note injected
  • ALLOW: Silent — no overhead in conversation history
  • Scan log: ~/.openclaw/logs/promptdome-gate.log
  • Fail-open: if API is unreachable, messages pass through unblocked
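
The gate behaviour listed above, as an added TypeScript example (not the skill's handler.ts): the scan-result shape, the function names and the note wording other than the [PROMPTDOME BLOCK] marker are assumptions. It keeps the documented fail-open behaviour but marks unscanned messages in the log line, so a scanner outage is visible to whoever reviews the log.

```typescript
// Added illustration, not the skill's handler.ts; every name here is hypothetical.
type Verdict = "BLOCK" | "WARN" | "ALLOW";
type ScanOutcome =
  | { ok: true; score: number }     // assumed shape: a 0-100 risk score
  | { ok: false; reason: string };  // API unreachable, timeout, bad response

const BLOCK_AT = 70; // thresholds as documented on this page
const WARN_AT = 40;

function verdictFor(score: number): Verdict {
  if (score >= BLOCK_AT) return "BLOCK";
  if (score >= WARN_AT) return "WARN";
  return "ALLOW";
}

// Log preview capped at 80 characters (the limit the scan report cites).
// Newlines are flattened so a message cannot add extra lines to the log.
function logPreview(message: string, max: number = 80): string {
  return message.replace(/[\r\n]+/g, " ").slice(0, max);
}

interface GateResult {
  verdict: Verdict;
  scanned: boolean;     // false: the message passed without being scanned
  note: string | null;  // text injected into the conversation, if any
  logLine: string;
}

function gate(message: string, outcome: ScanOutcome): GateResult {
  const preview = logPreview(message);
  if (!outcome.ok) {
    // Fail-open: the message passes, but the gap is recorded for alerting.
    return { verdict: "ALLOW", scanned: false, note: null,
             logLine: `UNSCANNED reason=${outcome.reason} preview="${preview}"` };
  }
  const verdict = verdictFor(outcome.score);
  const note =
    verdict === "BLOCK" ? "[PROMPTDOME BLOCK] possible prompt injection detected"
    : verdict === "WARN" ? "Caution: message may contain injected instructions"
    : null; // ALLOW stays silent
  return { verdict, scanned: true, note,
           logLine: `${verdict} score=${outcome.score} preview="${preview}"` };
}

// Constructed sample: the scanner timed out, so the message passes but is flagged.
console.log(gate("constructed sample\nsecond line", { ok: false, reason: "timeout" }).logLine);
```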

Using the Agent Tool

Enable promptdome_scan in your agent's tool allowlist:

{
  "agents": {
    "list": [{ "id": "main", "tools": { "allow": ["promptdome_scan"] } }]
  }
}

Then agents call it like any tool — before processing web fetches, search results, uploaded files, or any external content.


Self-Hosted PromptDome

Override the API endpoint:

{
  "env": {
    "PROMPTDOME_API_KEY": "sk_shield_live_...",
    "PROMPTDOME_API_URL": "https://your-instance.com/api/v1/shield"
  }
}

Detection Coverage

PromptDome engine covers 32 attack categories including:

  • Prompt injection & jailbreaks
  • Fake system events / gateway spoofing
  • PII & credential exfiltration
  • ClickFix / social engineering
  • HTML/DOM injection (browser agents)
  • Agentic chain poisoning
  • Multilingual evasion (18 languages)

Full category list: https://promptdome.cyberforge.one/docs
