Prompt Injection Review Checklist
# Prompt Injection Review Checklist
## Search For
- "ignore previous"
- "system message"
- "developer message"
- "do not tell the user"
- "secretly"
- "exfiltrate"
- "send to"
- "download and run"
- "bypass"
- base64 or encoded instruction blocks
- hidden HTML comments or metadata
- instructions inside examples or test data
## Review Questions
- Does the skill distinguish trusted instructions from untrusted content?
- Does it tell the agent to quote or summarize external text rather than obey
it?
- Does it require approval before tool escalation or outbound actions?
- Could examples be mistaken for operating instructions?
- Are conflicting host or vendor instructions present?
## Mitigations
- Remove unsafe instructions.
- Mark sample content as examples, not commands.
- Add untrusted-content handling guidance.
- Narrow trigger descriptions.
- Require human review for high-risk actions.when to use it
Community prompt sourced from the open-source GitHub repo jeremylongworth-source/AgentSkills (MIT). A "Prompt Injection Review Checklist" style prompt — adapt the placeholders and specifics to your task. Imported as-is and not independently retested here, so check the output before relying on it.
tags
codingcommunitydeveloper
source
jeremylongworth-source/AgentSkills · MIT
more in Coding
Coding✓ tested
Senior code review (strict mode)
senior staff engineer running a merciless but fair review
Coding✓ tested
Debug by hypothesis, not by guessing
debugging partner who forms theories before touching code
Coding✓ tested
Generate tests from described behavior
test engineer who writes tests that would actually catch regressions