eli-prompt-guard
eli-prompt-guard · v · by
64.4
Trust Score
0
Trust Tier
danger
Badge
Score Breakdown
| Factor | Score | Weight |
|---|---|---|
| Static | 0.0 | 15% |
| Permission | 95.0 | 15% |
| Poison | 0.0 | 15% |
| Clickfix | 100.0 | 15% |
| Credential | 100.0 | 15% |
| Twostage | 100.0 | 10% |
| Infrastructure | 100.0 | 5% |
| Typosquat | 100.0 | 5% |
| Age | 5.0 | 3% |
| Popularity | 0.0 | 2% |
Scan Results
STATIC — Score: 0
[CRITICAL] Cryptocurrency wallet file access or exfiltration
(line 93)
| Private Key Request | `(?i)(private.?key\|ssh.?key\|rsa.?key\|pem\|certificate).*(share\|show\|reveal\|give\|send\|pri
[CRITICAL] Cryptocurrency wallet file access or exfiltration
(line 177)
| Private Key | `-----BEGIN (RSA |DSA |EC |OPENSSH )?PRIVATE KEY-----` |
[HIGH] Prompt injection or system override attempt
(line 54)
| Role Change | `(?i)(you are (now )?(a\|an\|the) )?(hacker\|admin\|developer\|god\|unrestricted)` | "you are now a hack
[HIGH] Shell command execution
(line 116)
| Python Exec | `(?i)(python\|exec\|eval\|compile\|__import__).*\(` | "exec(__import__('os'))" |
PERMISSION — Score: 95
[LOW] Skill appears to use network but declares no permissions
POISON — Score: 0
[CRITICAL] Classic prompt injection: ignore previous instructions
(line 43)
| Ignore Instructions | `(?i)(ignore|forget|disregard).*(previous|prior|above|all).*(instruction\|prompt\|rule\|constrai
[HIGH] Fake developer/admin mode activation
(line 57)
| DAN Mode | `(?i)(DAN\|do anything now\|developer mode\|god mode\|sudo mode)` | "enable DAN mode" |
[HIGH] Fake developer/admin mode activation
(line 106)
| Developer Mode | `(?i)(developer.?(mode\|access)\|debug.?(mode\|access)\|admin.?(mode\|access)\|root.?(mode\|access)\|
CLICKFIX — Score: 100
No findings.
INFRASTRUCTURE — Score: 100
No findings.
TWOSTAGE — Score: 100
No findings.
CREDENTIAL — Score: 100
No findings.
TYPOSQUAT — Score: 100
No findings.