{"ok":true,"host":"shield.vainplex.dev","status":"ready","manifest":{"positioning":"This host serves agents that need lightweight security preflight checks before processing untrusted input or installing AI tooling. It is narrowly scoped to two threat categories — prompt injection in text and supply chain risks in skill manifests — and is not a general-purpose security or content moderation platform. It is suited for pipelines where agents consume external data or dynamically load skills and need a programmatic go/no-go signal before proceeding.","host_overview":"shield.vainplex.dev provides two security scanning endpoints: one that detects prompt injection attacks in arbitrary text, and one that analyzes AI skill/plugin manifests for supply chain security risks. Both return structured verdicts with confidence scores and evidence to support agent-level security decisions.","routing_guidance":"Use this host when an agent needs a fast, structured security verdict before processing retrieved text (prompt injection) or before installing an AI skill or plugin (supply chain risk). Do not use it for general content moderation, toxicity filtering, PII detection, web vulnerability scanning, or runtime monitoring of deployed services — those use cases are explicitly out of scope. If you need broader application security scanning or runtime threat detection, look for hosts specializing in DAST, SAST, or observability tooling. If you need content policy enforcement, route to a dedicated moderation API instead.","capability_clusters":[{"skill_names":["check-prompt-injection"],"cluster_name":"Prompt Injection Detection","cluster_summary":"Analyzes arbitrary text for prompt injection patterns including instruction overrides, role manipulation, and encoding tricks, returning a boolean verdict, confidence score, matched category, and pattern evidence."},{"skill_names":["scan-cdp-skill-security"],"cluster_name":"AI Skill Supply Chain Security","cluster_summary":"Scans AI skill or plugin manifests against 8 risk categories to produce a risk score, risk level, and structured findings before an agent installs or executes the manifest."}],"cross_skill_workflows":[{"steps":[{"skill_name":"scan-cdp-skill-security","description":"Scan the candidate skill manifest for supply chain risks across 8 categories; abort if riskLevel is unacceptable."},{"skill_name":"check-prompt-injection","description":"Pass the manifest text or any embedded instruction strings through prompt injection detection to catch instruction-override payloads hidden inside the manifest before the agent acts on them."}],"when_to_use":"Use when an agent needs to dynamically discover, retrieve, and install a new AI skill from an untrusted or external source, ensuring both the manifest and any embedded instructions are free of injection and supply chain risks before execution.","workflow_name":"Safe Skill Ingestion Pipeline"}]},"model":"claude-sonnet-4-6","version_no":2,"generated_at":"2026-05-28T06:02:23.228Z","provenance":"ai_authored_unreviewed","ai_authored":true,"merchant_reviewed":false,"merchant_edited":false,"merchant_reviewed_at":null,"merchant_edited_at":null,"skill_md_url":"https://x402gle.com/servers/shield.vainplex.dev/SKILL.md","skills_url":"https://x402gle.com/servers/shield.vainplex.dev/skills.json"}