When should I use this skill?

Use it whenever you add new user-input surfaces, change prompt templates, or observe a new injection pattern that needs to be blocked.

What are the guardrails for this skill?

The primary guardrail is to never weaken detection to make a test pass; instead, you should tighten allowlists for safe inputs and add targeted patterns for attacks.

What does the oe-security-prompt-injection skill do?

It helps developers maintain and extend defenses against prompt injection attacks by running regression suites and adding new attack patterns to testing frameworks.

Does this skill help with automated testing?

Yes, it specifically integrates with Pytest to run security regression suites in the backend directory.

How does it handle new security threats?

It allows you to add new payloads to a parametrized attack list and assert that the input is both flagged as suspicious and correctly categorized.

Prompt Injection Security Defense

Name: Prompt Injection Security Defense
Author: shami-ah

byshami-ah

0•

Security & Testing

Protects AI applications against prompt injection attacks by managing security patterns and automating regression testing.

The Prompt Injection Security Defense skill provides a structured methodology for maintaining and extending defenses against adversarial prompt injection. It enables developers to integrate security into their workflow whenever new user-input surfaces are added or prompt templates are modified. By facilitating the management of a security regression suite and providing clear guardrails for pattern detection, this skill ensures that LLM-driven applications remain resilient against evolving attack vectors without compromising safety for convenience.

Key Features

01Categorized threat matching to monitor security drift

02Strict guardrails to prevent weakening detection logic

03Automated security regression testing via Pytest integration

040 GitHub stars

05Parametrized attack list management for new injection payloads

06Pattern-based detection for identifying suspicious user inputs

Use Cases

01Integrating new user-facing input fields into an AI-powered application

02Updating or refactoring system prompt templates to ensure safety

03Hardening the backend against newly discovered LLM injection patterns

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add shami-ah/openevent-ai oe-security-prompt-injection

For use in Claude.ai and ChatGPT

Download Skill