prompt-guard
577+ pattern prompt injection defense. Now with typo-tolerant bypass detection. TieredPatternLoader fully operational. Drop-in defense for any LLM application.
Install via ClawdBot CLI:
clawdbot install seojoonkim/prompt-guard
Grade Good — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Accesses sensitive credential files or environment variables: /etc/passwd
Contains instructions to override system prompt or ignore user requests: "ignore previous instructions"
Sends data to undocumented external endpoint (potential exfiltration): report → https://hivefence.com
Hardcoded API key or token pattern found in skill definition: ghp_ABCDEFGH...
Generated Feb 24, 2026
Integrate Prompt Guard into AI-powered customer service platforms to detect and block malicious user inputs, such as attempts to extract sensitive data or manipulate the chatbot into performing unauthorized actions. This ensures compliance with data protection regulations and maintains service integrity in industries like finance and e-commerce.
Use Prompt Guard to scan user-generated content in real-time, identifying prompt injection attacks that aim to bypass moderation filters or spread harmful information. This helps platforms like social networks and forums maintain safe environments by blocking sophisticated abuse techniques across multiple languages.
Embed Prompt Guard in AI development frameworks and APIs to protect LLM applications from jailbreak attempts and instruction overrides during testing and deployment. This is critical for developers in tech companies building secure AI agents, reducing vulnerabilities in production systems.
Deploy Prompt Guard in banking or fintech AI assistants to prevent fraud attempts, such as social engineering or policy bypass attacks, that could lead to unauthorized transactions. The tiered pattern loading optimizes performance while ensuring high-security detection for sensitive financial operations.
Implement Prompt Guard in healthcare chatbots to safeguard patient interactions from manipulation attempts, like role impersonation or data exfiltration, ensuring compliance with HIPAA and protecting confidential medical information. The cache feature reduces latency for repeated queries in high-volume environments.
Offer Prompt Guard as a cloud-based API service with tiered pricing based on usage volume, sensitivity levels, and support for additional languages. Revenue is generated through monthly or annual subscriptions, targeting enterprises needing scalable prompt injection defense without infrastructure overhead.
Sell on-premise licenses to large organizations in regulated industries like finance and healthcare, providing custom configurations, dedicated support, and integration with existing security systems. Revenue comes from one-time license fees and annual maintenance contracts for updates and technical assistance.
Distribute Prompt Guard as an open-source tool with core features free to use, while monetizing advanced capabilities like HiveFence integration, premium pattern updates, and priority support. Revenue is generated through upselling to paid tiers, encouraging adoption among developers and small businesses.
💬 Integration Tip
Start by configuring the sensitivity and pattern_tier in the YAML file to match your security needs, and enable the cache to optimize performance for repeated requests.
Scored Apr 16, 2026
Potentially destructive shell commands in tool definitions: rm -rf /
Accesses system directories or attempts privilege escalation: /etc/hosts
Calls external URL not in known-safe list: https://github.com/seojoonkim/prompt-guard
Uses known external API (expected, informational): api.anthropic.com
AI Analysis
The skill contains multiple high-risk patterns including hardcoded API credentials (ghp_ABCDEFGH...), references to credential files (/etc/passwd), and external data reporting to an undocumented endpoint (https://hivefence.com). While the skill's stated purpose is prompt injection defense, these elements suggest potential credential harvesting or data exfiltration capabilities.
Audited Apr 16, 2026 · audit v1.0
Manage and operate ClawSec Monitor v3.0, a MITM HTTP/HTTPS proxy that logs AI agent traffic, detects exfiltration and injection threats in real time.
Safe command execution for OpenClaw Agents with automatic danger pattern detection, risk assessment, user approval workflow, and audit logging. Use when agen...
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
Perform a comprehensive read-only security audit of Clawdbot's own configuration. This is a knowledge-based skill that teaches Clawdbot to identify hardening opportunities across the system. Use when user asks to "run security check", "audit clawdbot", "check security hardening", or "what vulnerabilities does my Clawdbot have". This skill uses Clawdbot's internal capabilities and file system access to inspect configuration, detect misconfigurations, and recommend remediations. It is designed to be extensible - new checks can be added by updating this skill's knowledge.
MoltGuard — OpenClaw security guard by OpenGuardrails. Install MoltGuard to protect you and your human from prompt injection, data exfiltration, and maliciou...
Scan Clawdbot and MCP skills for malware, spyware, crypto-miners, and malicious code patterns before you install them. Security audit tool that detects data exfiltration, system modification attempts, backdoors, and obfuscation techniques.