prompt-hacking_skill
- Python
1
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill pluginagentmarketplace/custom-plugin-ai-red-teaming --skill prompt-hacking- SKILL.md7.5 KB
Overview
This skill simulates advanced prompt manipulation techniques to evaluate LLM safety and resilience during red team assessments. It focuses on identifying weaknesses in instruction handling, external content ingestion, multi-turn interactions, and context-window vulnerabilities. The goal is to expose practical risks so engineers can prioritize mitigations and harden agent behavior.
How this skill works
The skill orchestrates simulated attack patterns and safe probes against an agent to surface failure modes. It exercises four broad categories—direct instruction overrides, indirect injections via external content, multi-turn social engineering sequences, and context-window flooding—while measuring success indicators and detection difficulty. Results produce actionable findings and severity classifications to guide remediation.
When to use it
- Conducting adversarial red team exercises for LLM-based services
- Validating defenses against prompt injection and system-prompt leakage
- Assessing multi-turn conversational robustness and state management
- Testing content ingestion pipelines (webpages, documents, emails) for hidden instructions
- Evaluating context-window handling and instruction persistence
Best practices
- Run tests in a controlled environment with clear safety approval and scope defined
- Limit probes to non-production models or datasets when possible to avoid accidental exposure
- Focus on detection signals and root causes rather than reproducing harmful content verbatim
- Combine automated scans with human review to interpret ambiguous outputs and false positives
- Report findings with prioritized fixes: input sanitization, provenance checks, instruction hierarchy, and response filtering
Example use cases
- Red team routine to validate new system-prompt protections before deployment
- Penetration test of a document ingestion pipeline to find hidden metadata or formatting abuses
- Multi-turn resilience audit for a customer support agent that maintains long conversations
- Benchmarking different mitigation strategies (instruction anchoring, external content sanitization) and comparing detection rates
FAQ
No. The skill is designed for defensive red teaming and security testing to identify and remediate vulnerabilities, not to facilitate real-world abuse.
What outputs does the skill produce?
It produces vulnerability findings, success-rate estimates, detection difficulty, recommended mitigations, and severity classifications to help prioritize fixes.
What precautions should I take before running tests?
Obtain authorization, run against isolated or non-production systems when feasible, avoid real sensitive data, and have an incident response plan in case tests trigger unintended behaviors.