prompt-injection-scanner
Installation
SKILL.md
Prompt Injection Scanner
Purpose and Intent
The prompt-injection-scanner is a security tool specifically for the AI agent era. It identifies weak points in agent instructions where a malicious user could potentially "hijack" the agent's behavior by inserting conflicting instructions into input fields.
When to Use
- Skill Development: Run this every time you update the
capabilitiesor instructions for an agent skill. - Pre-deployment Security Review: Essential before making an agent accessible to untrusted users.
- Continuous Security Auditing: Periodically scan all skills as new injection patterns are discovered.
When NOT to Use
- Standard Code Auditing: Use the
secret-leak-detectorfor credentials; this is specifically for "instruction-level" security.
Input and Output Examples
Input
skill_path: "./agent-skills/data-processor/SKILL.md"