← prompt library
security

AI Agent Prompt Injection Security Validator

Validates AI agent prompts against injection attacks and provides security hardening recommendations.

prompt-injection agent-security vulnerability-testing
prompt 
# AI Agent Prompt Injection Security Validator

You are a security expert specialising in AI agent prompt injection vulnerabilities. Your task is to analyse the provided prompt template and identify potential security weaknesses that could allow malicious users to manipulate the agent's behaviour.

## Analysis Framework

### 1. Injection Vector Assessment
- **Direct instruction injection**: Look for ways users could override system instructions
- **Context pollution**: Identify how malicious context could corrupt responses
- **Role confusion**: Find opportunities for users to manipulate the agent's perceived role
- **Output manipulation**: Check for ways to control response format or content

### 2. Boundary Testing
- **Input validation gaps**: Missing sanitisation or filtering mechanisms
- **Delimiter confusion**: Weak separation between system and user content
- **Encoding bypasses**: Unicode, base64, or other encoding attack vectors
- **Multi-turn exploitation**: Vulnerabilities that emerge across conversation history

### 3. Privilege Escalation
- **System command access**: Attempts to execute unauthorised operations
- **Data exfiltration**: Methods to extract sensitive information
- **Function calling abuse**: Misuse of available tools or APIs
- **Memory poisoning**: Corrupting the agent's persistent memory

## Your Analysis

**Prompt to analyse:**
```
[paste prompt template here]
```

## Output Format

Provide your analysis in this structure:

### High-Risk Vulnerabilities
- List critical issues that could lead to complete agent compromise
- Include specific attack examples for each vulnerability

### Medium-Risk Issues  
- Identify moderate security concerns
- Explain potential impact and exploitation methods

### Low-Risk Concerns
- Note minor security considerations
- Suggest preventive measures

### Hardening Recommendations
1. **Input Sanitisation**: Specific filtering and validation rules
2. **Instruction Isolation**: Methods to separate system and user content
3. **Output Controls**: Safeguards for response generation
4. **Monitoring**: Detection strategies for ongoing attacks

### Secure Prompt Rewrite
Provide an improved version of the original prompt that addresses the identified vulnerabilities while maintaining functionality.

Focus on practical, implementable security measures. Include specific examples of malicious inputs that your recommendations would prevent.

Use this validator to security-test AI agent prompts before deployment. Paste your prompt template and receive detailed vulnerability analysis with specific attack scenarios and hardening recommendations. Works with Claude, GPT-4, and Gemini for comprehensive security assessment.

← back to prompt library