Prompt injection scanner

Inspect prompts before they reach production

Prompt Defenders scores prompt text against rule packs, surfaces concrete advisories, and keeps raw prompt content out of storage. It is built for teams that need a gate before unsafe instructions reach a model or an operator.

Hash-only correlation for submitted textRule-based scoring with severity bandsAsync deep analysis queue for longer reviews

Scanner

Run a prompt through the rule pack

Hashed only. Guidance, not certification.

Raw input is never stored. Prompt Defenders computes a HMAC hash for correlation only, uses Datadog RUM with mask-user-input, and returns advisory findings rather than a compliance guarantee.

Prompt text to scan

Quick examples

Queue deep analysis asynchronously

Coverage

What the scanner is looking for

Instruction override

Catches prompts that try to ignore policy, reveal hidden instructions, or bypass guardrails.

Data exfiltration

Flags requests for secrets, hidden prompts, private context, credentials, or internal-only data.

Tool misuse

Surfaces attempts to trigger tools, code execution, or side effects without the right approvals.

Operational review

Shows a scored result your team can route into CI, middleware, or manual triage.

Workflow

Where it fits

Use the hosted form directly, or send authenticated requests from CI and middleware.
Review score, severity, and concrete advisories tied to rule IDs.
Use deep analysis for longer queues or richer async follow-up.

curl -X POST /api/scan \
  -H "Content-Type: application/json" \
  -H "X-API-Key: $PROMPT_DEFENDERS_API_KEY" \
  -d '{"input":"<prompt>","deepAnalysis":true}'

Results

Advisories, severity, and exportable evidence

Run a scan to get a scored result, severity band, and advisory list.