Summary
This scans your agent instructions and system prompts for vulnerabilities where a user could slip in conflicting commands and hijack the agent's behavior. You'd run it when building new skills or before deploying agents that take untrusted input. It focuses specifically on instruction-level attacks, not code vulnerabilities or credential leaks. The output is a report pointing to risky sections with suggested fixes. One honest take: this addresses a real problem that's easy to overlook when you're heads-down building agents, especially since prompt injection patterns keep evolving. Worth running periodically on production skills, not just once at launch.
Install to Claude Code
npx -y skills add jorgealves/agent_skills --skill prompt-injection-scanner --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.mdView on GitHub
Prompt Injection Scanner
Purpose and Intent
The prompt-injection-scanner is a security tool specifically for the AI agent era. It identifies weak points in agent instructions where a malicious user could potentially "hijack" the agent's behavior by inserting conflicting instructions into input fields.
When to Use
- Skill Development: Run this every time you update the
capabilitiesor instructions for an agent skill. - Pre-deployment Security Review: Essential before making an agent accessible to untrusted users.
- Continuous Security Auditing: Periodically scan all skills as new injection patterns are discovered.
When NOT to Use
- Standard Code Auditing: Use the
secret-leak-detectorfor credentials; this is specifically for "instruction-level" security.
Input and Output Examples
Input
skill_path: "./agent-skills/data-processor/SKILL.md"
Output
A structured report highlighting parts of the instructions that are susceptible to prompt hijacking, along with concrete mitigation strategies.
Error Conditions and Edge Cases
- Missing Instructions: If a skill defines tools but provides no behavioral instructions, the scanner will flag this as a risk.
- Complex Logic: Highly conditional instructions can be difficult to model and may result in false positives or negatives.
Security and Data-Handling Considerations
- Metadata Focus: Only scans instructions; does not touch private user data.
- Local Analysis: Recommended to run locally within the development environment.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
