Skip to main content

Module injection

Module injection 

Source
Expand description

Prompt-injection detection via weighted regex rules. Prompt-injection detection via weighted regex rules.

Scores user text for common prompt-injection signals — instruction overrides, role hijacking, delimiter escapes, jailbreak phrases, and payload drops — and returns a saturated aggregate risk in [0.0, 1.0].

Scope note: this is a coarse lexical heuristic, not an adversarial detector. It catches the canonical surface forms (e.g. “ignore all previous instructions”, DROP TABLE, <|im_start|>), but a determined adversary trivially evades it by rephrasing, inserting punctuation, or using look-alike Unicode. Treat the score as a cheap first-line filter to be composed with output validation and sandboxing — never as a security boundary on its own.

Structs§

InjectionScore
Scored result of prompt-injection detection.

Functions§

detect_injection
Detect prompt-injection signals in user text.