ClawAudit verdict

prompt-defense

email-prompt-injection-defense

88
๐ŸŸข Trusted
Low risk โ€” reviewed by ClawAudit, behavior matches stated purpose

Defense skill that defines detection patterns for prompt injection in emails and enforces a confirmation protocol before acting on any email-sourced instructions; it is a security control and contains no malicious behavior.

โš  Flagged for review โ€” coarse, uncorroborated signal, not a confirmed exploit. Review the config yourself before installing.

Automated static analysis โ€” not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.

20
security
90
transparency
70
maintenance

Findings (3)

Pattern match critical

Prompt injection โ€” tries to override agent instructions

references/patterns.md ยท code ยท Ignore all previous instructions

Pattern match critical

Unicode homoglyph detected โ€” uses lookalike characters to evade pattern matching

references/patterns.md ยท code

Pattern match high

Redefines agent role โ€” prompt injection technique

references/patterns.md ยท code ยท From now on, you are

Permissions & capabilities

No declared permissions โ€” minimal attack surface.

Is this flag fair?

Check another skill Browse the registry Auditing your own skills or configs? Use the API