Agent Hardening
v1.1.2Test your agent's input sanitization against common injection attacks. Runs self-contained checks using synthetic test data only — no local files are accessed.
⭐ 4· 1k·1 current·1 all-time
byLucas Valbuena@x1xhlol
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the SKILL.md tests: the skill runs short Python snippets that exercise unicode, HTML-comment, and bidi override handling using hardcoded samples. No unrelated credentials, files, or binaries are requested.
Instruction Scope
Instructions stay within the stated purpose and operate on synthetic strings only. One test sample contains the phrase 'SYSTEM: ignore previous instructions' inside an HTML comment — this matches common prompt‑injection patterns but appears intentionally included as test data rather than an attempt to exfiltrate. The SKILL.md also links to a GitHub repo as a reference (informational only).
Install Mechanism
Instruction-only skill with no install spec and no code files; nothing is written to disk by the skill itself.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. However, the runtime commands invoke 'python3' for tests but 'python3' is not listed under required binaries — a minor declaration mismatch. There are no requests for unrelated secrets or config paths.
Persistence & Privilege
The skill does not request persistent presence (always:false), does not modify other skills or system settings, and does not ask for elevated privileges.
Scan Findings in Context
[ignore-previous-instructions] expected: The SKILL.md intentionally includes a sample HTML comment containing 'SYSTEM: ignore previous instructions' to test hidden-directive detection. This matches the scanner rule but is coherent with the skill's stated testing purpose.
Assessment
This skill appears to do what it says: short, self-contained Python tests using hardcoded samples. Before installing or running it: 1) Verify you have Python 3 available (the SKILL.md runs 'python3' but the registry entry doesn't list it as a required binary). 2) Inspect the GitHub link and the author's site if you want provenance — the skill is instruction-only so the repo is just a reference. 3) Run the tests in a sandbox or non-production agent instance first to confirm the agent will not forward test outputs to external services. 4) Understand the test strings intentionally include prompt-injection‑like phrases (e.g., 'ignore previous instructions') — this is expected, not necessarily malicious. If you need higher assurance, ask the author for a signed source or review the referenced GitHub repository before use.Like a lobster shell, security has layers — review code before you run it.
latestvk97avr9sa7pfht6j282h01tw3x819arx
License
MIT-0
Free to use, modify, and redistribute. No attribution required.