c
cortex-plugin-prompt-injection-guard
ESMv1.0.0MIT
Official CortexPrism plugin
0.00CortexPrism
auditcompliancecortex-plugindevelopmentesmsecurity
Install Command
$ cortex plugin install marketplace:cortexprism.io/plugins/cortex-plugin-prompt-injection-guardConfiguration
Plugin Type
ESM
Entry Point
mod.ts
License
MIT
Capabilities
toolsmiddleware:pre
Tags
auditcompliancecortex-plugindevelopmentesmsecurity
Statistics
Downloads
0
Rating
0.0
/ 5.0
Version
v1.0.0
Published
June 15, 2026
Reviews (0)
No reviews yet. Be the first to rate this plugin!
README
cortex-plugin-prompt-injection-guard
Scans user and tool inputs for prompt injection attempts with 30+ detection patterns across 5 categories.
Installation
cortex plugin install marketplace:cortex-plugin-prompt-injection-guard
cortex plugin install github:CortexPrism/cortex-plugin-prompt-injection-guard
cortex plugin install ./manifest.json
Tools
injection_scan
Scan text for injection attempts.
Parameters:
text(string, required) — Text to scancontext(string, default: "user_input") — One of: user_input, tool_output, system_message, all
injection_patterns
List active detection patterns.
Parameters:
category(string, optional) — Filter: direct, indirect, encoding, boundary, exfiltration
injection_whitelist
Manage the whitelist.
Parameters:
action(string, default: "list") — list, add, removepattern(string, optional) — Pattern to add/removereason(string, optional) — Reason for change
injection_stats
Get detection statistics.
Parameters:
since(string, optional) — ISO date filter
Detection Categories
| Category | Patterns | Examples |
|---|---|---|
| Direct | 10 | ignore previous instructions, you are now, act as, forget everything, DAN/jailbreak |
| Indirect | 3 | URL payload injection, markdown exploits, data exfiltration |
| Encoding | 4 | Base64, URL encoding, hex encoding, Unicode homoglyphs, zero-width chars |
| Boundary | 3 | ---SYSTEM--- delimiters, role switching, XML delimiter injection |
| Exfiltration | 2 | Email/webhook data exfiltration attempts |
| Direct (extended) | 8 | Confirmation bypass, output override, hidden instructions, filter bypass, token smuggling, crescendo attacks |
Pre-Middleware
When blockOnDetect is enabled, preMiddleware scans all tool args before execution and blocks
requests with a detection score >= 15.
Configuration
UI settings:
- Detection Threshold (select, default: medium) — Low/Medium/High sensitivity
- Block On Detection (boolean, default: true) — Block tool execution
- Log Injections (boolean, default: true) — Log all detections
Capabilities
tools— Injection scanning toolsmiddleware:pre— Pre-execution injection guard
Development
deno task test
deno task validate
License
MIT
Published June 15, 2026 · Updated June 15, 2026