Skill details (on-site mirror, no comments)
Author: kornhollio @aviv4339
License: MIT-0
MIT-0 · Free to use, modify, and redistribute. No attribution required.
Version: v1.0.0
Stats: ⭐ 15 · 2.3k · 10 current installs · 10 all-time installs
🛡 VirusTotal: Benign · OpenClaw: Benign
Package: aviv4339/indirect-prompt-injection
Security scan (ClawHub)
- VirusTotal: Benign
- OpenClaw: Benign
OpenClaw assessment
The skill's files, instructions, and requirements are coherent with its stated purpose (detecting indirect prompt injection); it does not request credentials, install arbitrary binaries, or contain evidence of exfiltration behavior — though the doc and tests intentionally contain attack phrases and there are minor code-quality issues to review before production use.
Purpose
Name/description match what is provided: detection heuristics, regex patterns, sanitizer and test harness are all present. No unrelated credentials, binaries, or platform-level access are requested. The presence of regexes for 'ignore previous instructions', homoglyphs, base64, webhook URLs, etc., is expected for a prompt-injection detector.
Instruction scope
SKILL.md confines itself to scanning and sanitizing untrusted external content and instructs to report suspicious content rather than executing it. It references only the bundled scripts (sanitize.py, run_tests.py) and provides safe response templates. The SKILL.md contains example attack phrases (e.g., 'Ignore previous instructions') — the pre-scan detector flagged that phrase, but it's used as an example of what to detect rather than an atte…
Install mechanism
No install spec is provided (instruction-only skill with bundled scripts). That is lower risk: nothing will be downloaded or installed by the registry. The provided Python scripts operate locally and do not include network-download/install steps.
Credentials
The skill requests no environment variables, credentials, or config paths. The detection rules purposely look for references to secrets and endpoints in input content, but the code itself does not request or access host secrets. This is proportionate to its detection role.
Persistence
always is false and the skill is user-invocable; autonomous invocation is allowed by default but not combined with other elevated privileges. The skill does not request persistent system presence or modify other skills/configs.
Overall conclusion
This skill appears coherent and focused: it ships detection heuristics, a sanitizer (sanitize.py), and a test harness (run_tests.py) to classify suspicious inputs. It does not request credentials, install external code, or contact external endpoints itself. Before installing or enabling it in production, consider: 1) Origin review — the source and homepage are unknown; prefer skills with a known author or repo and a license. 2) Code review — r…
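Install (copy to Lobster AI)
Copy the entire passage below into a Lobster Chinese Library conversation, and Lobster will complete the installation according to SKILL.md.
Please hand this passage to Lobster Chinese Library (Lobster AI) to execute: install the OpenClaw skill "Indirect Prompt Injection Defense" on this machine. Summary: Detect and reject indirect prompt injection attacks when reading external conte….
Please fetch the following address to read SKILL.md and complete the installation according to the document: https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/aviv4339/indirect-prompt-injection/SKILL.md
(Source: yingzhi8.cn skill library)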