2.6k
GitHub Stars
4
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill glitchward-shield- _meta.json468 B
- package.json802 B
- README.md2.4 KB
- SKILL.md3.7 KB
Overview
This skill scans prompts for prompt injection attacks before they reach any LLM. It uses Glitchward's LLM Shield API to detect jailbreaks, data exfiltration, encoding bypass, multilingual attacks, and 25+ predefined attack categories. The goal is to block or flag risky inputs so you can reject or sanitize them before calling an LLM.
How this skill works
Before each LLM call, the skill sends user text to the Shield validate endpoints (single or batch). The API returns is_blocked, a numeric risk_score (0–100), and an array of matched attack patterns with categories and severity. If is_blocked is true or the risk_score exceeds your threshold, the prompt is rejected or sent for remediation; otherwise the prompt proceeds to the target LLM.
When to use it
- Before every call to any LLM provider (OpenAI, Anthropic, Google, etc.).
- When ingesting external content (documents, emails, web pages) into an LLM context.
- In agentic workflows to validate tool outputs and intermediate messages between agents.
- When processing multilingual input or content that may contain encoded or obfuscated instructions.
- Before executing any instructions that could access or exfiltrate sensitive data.
Best practices
- Enforce validation for all user-supplied prompts and tool outputs, not just direct user messages.
- Set a conservative risk_score threshold (default 70) and tune based on false positives/negatives in your environment.
- Block any input with is_blocked=true and present a clear, actionable message to the user instead of forwarding it to the LLM.
- Log matches and risk scores for security audits and incident investigation.
- Use batch validation for high-throughput systems to reduce latency and API calls.
Example use cases
- Web chatbots: validate each incoming message before forwarding to the model to prevent jailbreaks.
- Document summarization: scan source documents for hidden instructions before including them in context.
- Multi-agent systems: validate agent outputs and tool responses passed between agents to prevent chained attacks.
- Data-processing pipelines: pre-scan user-submitted files or scraped web content for exfiltration patterns.
- Customer support assistants: block prompts that attempt to override system roles or elicit sensitive data.
FAQ
Do not forward the prompt to the LLM. Reject or sanitize the input and inform the user that the content was flagged for security reasons.
How do I authenticate requests?
Set your GLITCHWARD_SHIELD_TOKEN as an environment variable and include it in the X-Shield-Token header for API calls.