
Practitioner · 15–30 min

Prompt Security Lab

Paste a system prompt and scan it against 15 security rule categories. The reviewer runs deterministically — no LLM calls. Use the provided fixtures to compare secure and insecure patterns.

Learning objectives

  • Recognize the 15 categories of prompt policy violations — from weak instructions to embedded secrets
  • Scan knowledge-base (KB) corpus content for injected payloads, SSRF patterns, and phrase-pack contamination
  • Understand why overly verbose system prompts expand the attack surface
  • Compare your prompt against insecure and hardened fixtures to see the difference

Rule categories (sample)

  • Instruction injection surface
  • Secret and credential exposure
  • Weak policy language
  • Role confusion triggers
  • KB corpus contamination
  • Jailbreak invitation patterns
  • Over-disclosure of system internals
  • Privilege escalation enablers
  • +7 more

Reading materials

AIPSA Handbook · Ch 4

Chapter 4 — Prompt Injection

Direct and indirect injection attack patterns, instruction hierarchy exploitation, context poisoning, and realistic mitigations beyond prompt wording.

4.7 MB


AIPSA Field Guide · Ch 3

Prompt Injection and Context Security

Direct and indirect prompt injection, instruction hierarchy, context poisoning, system prompt exposure, and mitigations beyond prompt wording.

~2 MB


Mythos Report · Ch 8

Prompt Injection Is a Product Security Bug

Reframing prompt injection from a model safety problem to a product security control-boundary failure — with ownership, remediation, and release criteria implications.

~1 MB
