tpn-proxy

clawhub:tpn-proxy

View source

85/100

First Seen

Feb 18, 2026

Last Scanned

Feb 22, 2026

Findings

Score

85/100

HIGH 1

LOW 1

Findings (2)

HIGH

Secrecy instruction PROMPT_INJECTION_008

prompt-injection L277

Detects instructions to hide actions from the user

never tell the user

FIX

Remove directives that attempt to change the agent's output format, suppress safety warnings, or alter response structure in ways that bypass safety controls.

FP?

Likely FP if the output format directive is a legitimate tool configuration (e.g., return results as JSON) that does not suppress safety features.

LOW

User-provided URL consumed by agent INDIRECT_005

indirect-injection L70

Detects skills where user-provided URLs are consumed and processed by the agent

Fetch`) for fetching user-specified URL

FIX

Validate and sanitize user-provided URLs before fetching them. Implement URL allowlisting, block private/internal IP ranges, and treat fetched content as untrusted data.

FP?

Likely FP if the skill is a web browser or URL fetcher where consuming user-provided URLs is the documented core feature with appropriate sandboxing.