AOI Prompt Injection Sentinel — 技能工具
v0.1.2[自动翻译] Detects and scores prompt injection attempts in text, outputting severity, action, and matched rules without external calls or secret handling.
0· 710·0 当前·0 累计
by 安全扫描
OpenClaw
安全
high confidenceThe skill's code, instructions, and requirements are consistent with a small local prompt-injection detector; it does not request secrets, make outbound calls, or require unrelated resources.
评估建议
This skill appears internally consistent and implements a local, regex-based prompt-injection detector. Before installing or running, review the included skill.js (it's small and readable) to confirm you trust the author, because running the script executes code on your host. Note the SKILL.md references a GitHub issues URL — you can verify the upstream repo and changelog there. Expect potential false positives (e.g., matches for filenames like .env or phrases like 'curl http'); test with repres...详细分析 ▾
✓ 用途与能力
Name/description (prompt-injection sentinel) align with the included code and SKILL.md. The code implements local regex-based rules, scoring, and a local fingerprint — nothing in the bundle asks for unrelated capabilities (no cloud creds, no system-level access).
✓ 指令范围
SKILL.md instructs running the included node script (analyze via CLI or stdin) and explicitly claims no webhooks/outbound calls or secret handling. The script only reads CLI args/stdin, runs regex checks, computes a local SHA-256 fingerprint, and prints JSON to stdout — scope stays within the stated purpose.
✓ 安装机制
No install spec is provided (instruction-only). The package includes a small standalone skill.js with no external dependencies. No network downloads or archive extraction are performed by the skill itself.
✓ 凭证需求
The skill requests no environment variables, no credentials, and references no config paths to be read at runtime. The regex rules do mention common sensitive filenames (e.g., .env, id_rsa, openclaw.json) for detection purposes — that's consistent with its detection goal and not an access request.
✓ 持久化与权限
Flags show always:false and normal model invocation. The skill does not attempt to modify other skills or system configs. It runs only when invoked and has no installation hooks that grant it persistent elevated privileges.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv0.1.22026/2/15
Docs: add GitHub Issues support link (aoi-skills).
● 无害
安装命令 点击复制
官方npx clawhub@latest install aoi-prompt-injection-sentinel
镜像加速npx clawhub@latest install aoi-prompt-injection-sentinel --registry https://cn.clawhub-mirror.com
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制