mind-security

AI security toolkit — deepfake detection, prompt injection scanning, malware/phishing URL scanning, and AI text detection. Use when: (1) verifying if an image, video, or audio is a deepfake or AI-generated, (2) scanning user inputs for prompt injection attacks, (3) scanning URLs for malware, phishing, or domain reputation threats, (4) determining if text was written by an LLM.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "mind-security" with this command: npx skills add canvinus/mind-security

mind-security

AI security toolkit with four active modules.

Quick Reference

TaskCommandDocs
Deepfake detectionpython3 scripts/check_deepfake.py <path_or_url>deepfake-detection.md
Prompt injection scanpython3 scripts/check_prompt_injection.py "<text>"prompt-injection.md
Malware/phishing scanpython3 scripts/check_malware.py "https://..."malware-scanning.md
AI text detectionpython3 scripts/check_ai_text.py "<text>"ai-text-detection.md

Modules

Deepfake detection — BitMind API (Bittensor Subnet 34) for images and videos. Supports YouTube, Twitter/X, TikTok URLs. EXIF/metadata fallback for local images. Set BITMIND_API_KEY (get key).

Prompt injection detection — Multi-layer scanner: 50+ regex patterns (instant, zero-dep) + LLM Guard ML model (optional, pip install llm-guard). Identifies known injection signatures, role-override attempts, and instruction-bypass patterns.

Malware/phishing scanning — VirusTotal (70+ engines), URLScan.io (1500+ brands), Google Safe Browsing, plus local heuristics (typosquatting, suspicious TLDs, phishing patterns). Works with no keys via heuristics.

AI text detection — GPTZero API with per-sentence scoring and ~99% accuracy across GPT-4/5, Claude, Gemini, LLaMA. Requires GPTZERO_API_KEY (get key).

API Keys

Env VarUsed ByRequiredGet It
BITMIND_API_KEYDeepfake detectionFor API modeapp.bitmind.ai/api/keys
GPTZERO_API_KEYAI text detectionYesgptzero.me/dashboard
VIRUSTOTAL_API_KEYMalware scannerOptionalvirustotal.com
URLSCAN_API_KEYMalware scannerOptionalurlscan.io
GOOGLE_SAFE_BROWSING_KEYMalware scannerOptionalconsole.cloud.google.com

Script Conventions

  • python3 scripts/<script>.py --help
  • Core: zero pip dependencies (stdlib only)
  • Optional ML: pip install llm-guard for prompt injection Layer 2
  • JSON to stdout, errors to stderr
  • Exit 0 success, exit 1 failure

Security & Privacy

External endpoints — this skill sends user-provided data to the following third-party APIs for analysis. No data is stored or logged by the skill itself:

APIUsed ByData Sent
BitMindDeepfake detectionImage/video files or URLs
GPTZeroAI text detectionText content
VirusTotalMalware scannerURLs (not file contents)
URLScan.ioMalware scannerURLs
Google Safe BrowsingMalware scannerURLs

Trust statement — All modules use Python stdlib only (no pip dependencies for core). API calls use urllib.request with explicit timeouts (10–120s). No telemetry, no analytics, no phone-home beyond the declared API calls above.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

Production Code Audit

Deep-scan a codebase, understand its architecture and patterns, then produce a comprehensive audit report with prioritized fixes. Optionally apply changes on...

Registry SourceRecently Updated
1900solomonneas
Security

Soc Deploy Misp

Deploy MISP threat intelligence platform on any Docker-ready Linux host. Official misp-docker project with automatic MariaDB memory tuning (prevents OOM on s...

Registry SourceRecently Updated
2090solomonneas
Security

SEO Intel

Local SEO competitive intelligence tool. Use when the user asks about SEO analysis, competitor research, keyword gaps, content strategy, site audits, AI cita...

Registry SourceRecently Updated
2640ukkometa
Security

MAL-Updater

Multi-provider anime → MyAnimeList sync and recommendations skill with guarded auth, review-queue triage, health checks, bootstrap auditing, and user-systemd...

Registry SourceRecently Updated
2530Profile unavailable