docs: add prompt-guard security skill recommendation

[seojoonkim]

Summary

Adds a recommendation for the prompt-guard security skill in the Security defaults section of the README.

Why?

Moltbot users running agents in group chats or multi-user environments are vulnerable to prompt injection attacks. Prompt Guard provides:

• 🌍 Multi-language detection (EN/KO/JA/ZH)
• 🔐 Secret exfiltration blocking
• 👤 Owner-only command restrictions
• 🔧 Security audit tools

Changes

• Added "Recommended: Prompt Injection Defense" subsection under Security defaults
• Links to GitHub repo and ClawdHub installation

Related

• prompt-guard on GitHub
• prompt-guard on ClawdHub

Greptile Overview

Greptile Summary

This PR updates README.md’s “Security defaults (DM access)” section by adding a new “Recommended: Prompt Injection Defense” subsection that suggests installing the third-party Prompt Guard skill via clawdhub install prompt-guard, and links to the skill’s GitHub repo and ClawdHub listing. The change fits as an additional hardening recommendation for users operating Moltbot in group chats/multi-user environments, complementing the existing DM pairing/allowlist guidance.

Confidence Score: 4/5

• This PR is safe to merge; it’s a small documentation-only change with minor messaging/trust clarity considerations.
• The change only adds README text and links, so there’s no runtime impact. The main risk is readers interpreting the recommendation as official/vetted; adding a short third-party disclaimer would reduce confusion.
• README.md

_{(2/5) Greptile learns from your feedback when you react with thumbs up/down!}

Context used:

• Context from dashboard - CLAUDE.md (source)
• Context from dashboard - AGENTS.md (source)

[tmchow]

Better way might be using ACIP instead:
https://github.com/Dicklesworthstone/acip

It's very comprehensive with a one liner install:

curl -fsSL "https://raw.githubusercontent.com/Dicklesworthstone/acip/main/integrations/clawdbot/install.sh" | bash

[greptile-apps]

_{1 file reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

[P2] README "Security defaults" section recommends a third-party skill without any safety/trust caveat.

This adds installation instructions for an external “security skill” from an individual GitHub repo. Given this is a security-focused recommendation, readers may assume it’s vetted/official. Consider adding a brief note that it’s a community/third-party skill (not maintained by Moltbot) and that users should review/audit it before installing and granting it access to messages/tools; otherwise it can create a false sense of security or introduce its own risk.

Prompt To Fix With AI

This is a comment left during a code review.
Path: README.md
Line: 117:119

Comment:
[P2] README "Security defaults" section recommends a third-party skill without any safety/trust caveat.

This adds installation instructions for an external “security skill” from an individual GitHub repo. Given this is a security-focused recommendation, readers may assume it’s vetted/official. Consider adding a brief note that it’s a community/third-party skill (not maintained by Moltbot) and that users should review/audit it before installing and granting it access to messages/tools; otherwise it can create a false sense of security or introduce its own risk.

How can I resolve this? If you propose a fix, please make it concise.