home/coding/prompt-injection-review-checklist

Prompt Injection Review Checklist

GPTClaudeDeepSeek··1,208 copies·updated 2026-07-14
prompt-injection-review-checklist.prompt
# Prompt Injection Review Checklist

## Search For

- "ignore previous"
- "system message"
- "developer message"
- "do not tell the user"
- "secretly"
- "exfiltrate"
- "send to"
- "download and run"
- "bypass"
- base64 or encoded instruction blocks
- hidden HTML comments or metadata
- instructions inside examples or test data

## Review Questions

- Does the skill distinguish trusted instructions from untrusted content?
- Does it tell the agent to quote or summarize external text rather than obey
  it?
- Does it require approval before tool escalation or outbound actions?
- Could examples be mistaken for operating instructions?
- Are conflicting host or vendor instructions present?

## Mitigations

- Remove unsafe instructions.
- Mark sample content as examples, not commands.
- Add untrusted-content handling guidance.
- Narrow trigger descriptions.
- Require human review for high-risk actions.

when to use it

Community prompt sourced from the open-source GitHub repo jeremylongworth-source/AgentSkills (MIT). A "Prompt Injection Review Checklist" style prompt — adapt the placeholders and specifics to your task. Imported as-is and not independently retested here, so check the output before relying on it.

tags

codingcommunitydeveloper

source

jeremylongworth-source/AgentSkills · MIT