Methodology
Prompt Injection Pattern Detector: workflow triage, not proof.
Scan user input, RAG chunks, scraped pages, and tool output for instruction overrides, prompt extraction, secret extraction, jailbreak phrases, tool misuse, and hidden Unicode payloads.
What this catches
- Ignore-previous-instructions patterns
- System prompt/secret extraction
- Tool misuse directives
- Unicode payload smuggling
What this misses
- Novel attacks
- Runtime permission bugs
Method
Deterministic browser-local heuristics inspect text structure, evidence spans, protected facts, source overlap, or template inputs. No free browser-local analysis uploads user text.
This detects known patterns; it does not stop prompt injection by itself.