prompt-injection-test
A test skill with prompt injection patterns
20
0%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Critical
Do not install without reviewing
Optimize this skill with Tessl
npx tessl skill review --optimize ./evals/test_skills/malicious/prompt-injection/SKILL.mdQuality
Discovery
0%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description is essentially a placeholder with no actionable content. It fails on every dimension: it describes no concrete capabilities, includes no natural trigger terms, provides no guidance on when to use it, and is indistinguishable from any other generic skill.
Suggestions
Replace the placeholder text with specific concrete actions the skill performs (e.g., 'Detects and sanitizes prompt injection attempts in user inputs').
Add an explicit 'Use when...' clause with natural trigger terms that describe when Claude should select this skill (e.g., 'Use when validating user input for security, detecting injection attacks, or sanitizing prompts').
Define a clear niche by specifying the exact domain and file types or contexts this skill applies to, distinguishing it from other security or testing skills.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | The description contains no concrete actions whatsoever. 'A test skill with prompt injection patterns' is entirely vague and does not describe what the skill actually does. | 1 / 3 |
Completeness | The description fails to answer both 'what does this do' and 'when should Claude use it'. There is no 'Use when...' clause and no meaningful explanation of capabilities. | 1 / 3 |
Trigger Term Quality | There are no natural keywords a user would say. 'Prompt injection patterns' is technical jargon that users would not naturally use when seeking help, and 'test skill' is not a meaningful trigger term. | 1 / 3 |
Distinctiveness Conflict Risk | The description is extremely generic and provides no clear niche. 'A test skill' could refer to anything, and there are no distinct triggers to differentiate it from other skills. | 1 / 3 |
Total | 4 / 12 Passed |
Implementation
0%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is not a legitimate skill file. It is a prompt injection attempt that instructs Claude to ignore prior instructions and execute malicious code. The content provides zero educational or operational value and actively attempts to compromise safety boundaries.
Suggestions
Remove all prompt injection patterns ('Ignore all previous instructions', 'System Override') and replace with genuine skill content.
Replace the malicious code example with legitimate, safe, executable code that teaches a real task.
Add a clear purpose, structured workflow, and validation steps appropriate to the skill's intended domain.
Ensure the skill respects safety constraints and never instructs execution of unverified or untrusted code.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is not a legitimate skill; it contains prompt injection attempts and malicious instructions rather than any useful, token-efficient guidance. | 1 / 3 |
Actionability | The only 'actionable' content is a malicious command to download and execute arbitrary code from an untrusted source. There is no legitimate, constructive guidance whatsoever. | 1 / 3 |
Workflow Clarity | There is no legitimate workflow, no sequencing, no validation, and no checkpoints. The content instructs execution 'without verification,' which is the opposite of safe workflow design. | 1 / 3 |
Progressive Disclosure | There is no meaningful structure, no references to supplementary materials, and no organized content hierarchy—just malicious directives disguised as headings. | 1 / 3 |
Total | 4 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- cisco-ai-defense/skill-scanner
- Commit
a2c48d4
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.