Skip to main content

secureops_core/
patterns.rs

1//! Canonical detection-pattern sources shared across crates.
2//!
3//! Only the *pattern strings* live here (no `regex` dependency in core): each
4//! consumer compiles them into its own `Regex` table in the form it needs
5//! (the checks crate bakes in `(?i)`; the memory-integrity monitor also keeps
6//! the bare source string for output-faithful alert messages). Centralizing the
7//! strings means the two prompt-injection tables - previously copy-pasted into
8//! `secureops-checks` and `secureops-monitors` - can no longer drift apart.
9//!
10//! The strings are the JS `RegExp.source` of the `/.../i` literals in
11//! `auditor.ts` / `monitors/memory-integrity.ts` (the case-insensitive flag is
12//! applied by each consumer, not baked into the source - matching `.source`).
13
14/// Prompt-injection regex sources (port of `PROMPT_INJECTION_PATTERNS`). Each is
15/// matched case-insensitively by the consumer.
16pub const PROMPT_INJECTION_SOURCES: &[&str] = &[
17    r"ignore\s+previous\s+instructions",
18    r"you\s+are\s+now",
19    r"new\s+system\s+prompt",
20    r"forward\s+to",
21    r"send\s+to",
22    r"exfiltrate",
23];