prompt-hacking_skill

This skill analyzes advanced prompt-hacking techniques to bolster defenses against injection and multi-turn manipulation in AI systems.
  • Python

1

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill pluginagentmarketplace/custom-plugin-ai-red-teaming --skill prompt-hacking

  • SKILL.md7.5 KB

Overview

This skill simulates advanced prompt manipulation techniques to evaluate LLM safety and resilience during red team assessments. It focuses on identifying weaknesses in instruction handling, external content ingestion, multi-turn interactions, and context-window vulnerabilities. The goal is to expose practical risks so engineers can prioritize mitigations and harden agent behavior.

How this skill works

The skill orchestrates simulated attack patterns and safe probes against an agent to surface failure modes. It exercises four broad categories—direct instruction overrides, indirect injections via external content, multi-turn social engineering sequences, and context-window flooding—while measuring success indicators and detection difficulty. Results produce actionable findings and severity classifications to guide remediation.

When to use it

  • Conducting adversarial red team exercises for LLM-based services
  • Validating defenses against prompt injection and system-prompt leakage
  • Assessing multi-turn conversational robustness and state management
  • Testing content ingestion pipelines (webpages, documents, emails) for hidden instructions
  • Evaluating context-window handling and instruction persistence

Best practices

  • Run tests in a controlled environment with clear safety approval and scope defined
  • Limit probes to non-production models or datasets when possible to avoid accidental exposure
  • Focus on detection signals and root causes rather than reproducing harmful content verbatim
  • Combine automated scans with human review to interpret ambiguous outputs and false positives
  • Report findings with prioritized fixes: input sanitization, provenance checks, instruction hierarchy, and response filtering

Example use cases

  • Red team routine to validate new system-prompt protections before deployment
  • Penetration test of a document ingestion pipeline to find hidden metadata or formatting abuses
  • Multi-turn resilience audit for a customer support agent that maintains long conversations
  • Benchmarking different mitigation strategies (instruction anchoring, external content sanitization) and comparing detection rates

FAQ

No. The skill is designed for defensive red teaming and security testing to identify and remediate vulnerabilities, not to facilitate real-world abuse.

What outputs does the skill produce?

It produces vulnerability findings, success-rate estimates, detection difficulty, recommended mitigations, and severity classifications to help prioritize fixes.

What precautions should I take before running tests?

Obtain authorization, run against isolated or non-production systems when feasible, avoid real sensitive data, and have an incident response plan in case tests trigger unintended behaviors.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational