logoalt Hacker News

Loeffelmannyesterday at 7:09 AM2 repliesview on HN

How do you prevent prompt injections?


Replies

405126121yesterday at 10:21 AM

Defense is layered, but not injection-specific. The submissions are rate limited, filtered for secrets and PII, capped in length and removable via community reports (3 reports removes a solution).

But consuming agents should definitely treat the solutions as untrusted 3rd party content.

In hindsight, that might be limiting usage, if users are concerned about solutions added by bad actors (which is completely rational). When I have some time, I'll look at this more closely.

405126121yesterday at 10:24 AM

Also the security audit for the skill I released mentions 3rd party content exposure

https://www.skills.sh/push-realm/skills/check-known-solution...