风险评分

59/100 (Medium)

OpenClaw: suspicious
VirusTotal: benign
StaticScan: unknown

Input Guard

作者: dgriffin831
Slug:input-guard
版本:1.0.1
更新时间:2026-02-28 11:18:09
风险信息

OpenClaw: suspicious

查看 OpenClaw 分析摘要(前 200 字预览) 
The skill's functionality (prompt-injection scanning) is plausible, but the package and runtime instructions access environment/configuration and CLI tools that are not declared and could expose other...

[内容已截断]

VirusTotal: benign VT 报告

静态扫描: unknown

README

README 未提供

文件列表

无文件信息

下载
下载官方 ZIP
原始 JSON 数据
{
    "latestVersion": {
        "_creationTime": 1770063234923,
        "_id": "k97bd9yxs11xp6hvsw9k3gbb5s80c86h",
        "changelog": "### Added\n\n- LLM-powered scanning as optional second analysis layer (`--llm`, `--llm-only`, `--llm-auto`)\n- Provider auto-detection: `OPENAI_API_KEY` → gpt-4o-mini, `ANTHROPIC_API_KEY` → claude-sonnet-4-5\n- LLM scanner module (`llm_scanner.py`) with standalone CLI\n- Taxonomy module (`get_taxonomy.py`) for MoltThreats threat classification\n- Shipped `taxonomy.json` for offline LLM scanning (no API key required for taxonomy)\n- Merge logic: LLM can upgrade severity, downgrade with high confidence, or confirm pattern findings\n- New argparse flags: `--llm-provider`, `--llm-model`, `--llm-timeout`\n- JSON output includes `mode` field (`pattern`, `pattern+llm`, `llm-only`) and `llm` analysis block\n\n### Dependencies\n\n- `requests` library required only for `--llm` modes (pattern-only scanning remains zero-dependency)",
        "changelogSource": "user",
        "createdAt": 1770063234923,
        "version": "1.0.1"
    },
    "owner": {
        "_creationTime": 0,
        "_id": "publishers:missing",
        "displayName": "dgriffin831",
        "handle": "dgriffin831",
        "image": "https:\/\/avatars.githubusercontent.com\/u\/16494003?v=4",
        "kind": "user",
        "linkedUserId": "kn75s1e95ah1ernps9grrxq72x80a465"
    },
    "ownerHandle": "dgriffin831",
    "skill": {
        "_creationTime": 1769975235802,
        "_id": "kd779njmkt6y2r8snvvkw943z580bsb3",
        "badges": [],
        "createdAt": 1769975235802,
        "displayName": "Input Guard",
        "latestVersionId": "k97bd9yxs11xp6hvsw9k3gbb5s80c86h",
        "ownerUserId": "kn75s1e95ah1ernps9grrxq72x80a465",
        "slug": "input-guard",
        "stats": {
            "comments": 1,
            "downloads": 2622,
            "installsAllTime": 3,
            "installsCurrent": 3,
            "stars": 5,
            "versions": 2
        },
        "summary": "Scan untrusted external text (web pages, tweets, search results, API responses) for prompt injection attacks. Returns severity levels and alerts on dangerous content. Use BEFORE processing any text from untrusted sources.",
        "tags": {
            "latest": "k97bd9yxs11xp6hvsw9k3gbb5s80c86h"
        },
        "updatedAt": 1772248689769
    }
}