Prompt Template Scan
prompt_scan
Scan prompt template files to find prompt injection and unsafe interpolation risks, catching vulnerabilities that package scans miss.
Instructions
Scan prompt template files for prompt-injection and unsafe-interpolation risks.

Walks the given directory for prompt assets (``.prompt`` files,
``system_prompt.*``, and ``prompts/`` directories), then statically
inspects each template for injection-prone patterns and unsafe variable
interpolation (untrusted input concatenated into instructions, missing
delimiters, tool/role-confusion phrasing).

Args:
    directory: Directory path to scan for prompt template files.

Returns:
    JSON with the scanned files, per-file findings (rule id, severity,
    line, message), and a summary count by severity.

Use this before shipping or registering agent prompts to catch
injection exposure that package and CVE scans do not cover.
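
A minimal sketch of the kind of static check described above, added here as an illustration; it is not the tool's own code. The rule ids (`EX-ROLE-001`, `EX-INTERP-001`), severities, regexes and the sample templates are assumptions constructed for this example.

```python
import json, re, tempfile
from collections import Counter
from pathlib import Path

# Hypothetical heuristics for this example; not the tool's actual rules.
PLACEHOLDER = re.compile(r"\{\{?\s*\w+\s*\}?\}")                  # {var} or {{var}}
DELIMITED = re.compile(r"<(\w+)>\s*\{\{?\s*\w+\s*\}?\}\s*</\1>")  # <tag>{var}</tag>
ROLE_MARKER = re.compile(r"^\s*(system|assistant|tool)\s*:", re.I)

def is_prompt_asset(rel: Path) -> bool:
    # Asset kinds the page lists: .prompt files, system_prompt.*, prompts/ dirs.
    return (rel.suffix == ".prompt" or rel.name.startswith("system_prompt.")
            or "prompts" in rel.parent.parts)

def finding(rule_id, severity, line, message):
    return {"rule_id": rule_id, "severity": severity, "line": line, "message": message}

def scan_template(text: str) -> list:
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not PLACEHOLDER.search(line):
            continue
        if ROLE_MARKER.match(line):  # interpolated value lands on a role line
            findings.append(finding("EX-ROLE-001", "high", lineno,
                                    "variable interpolated into a role-marker line"))
        # Drop placeholders wrapped in a tag pair; any that remain are bare.
        if PLACEHOLDER.search(DELIMITED.sub("", line)):
            findings.append(finding("EX-INTERP-001", "medium", lineno,
                                    "variable interpolated without delimiters"))
    return findings

def scan_directory(directory: str) -> str:
    root = Path(directory)
    files = sorted(p for p in root.rglob("*")
                   if p.is_file() and is_prompt_asset(p.relative_to(root)))
    per_file = {p.relative_to(root).as_posix(): scan_template(p.read_text(encoding="utf-8"))
                for p in files}
    summary = Counter(f["severity"] for fs in per_file.values() for f in fs)
    return json.dumps({"files": list(per_file), "findings": per_file,
                       "summary": dict(summary)}, indent=2)

def demo() -> dict:
    # Constructed sample templates, written to a temp dir so this runs offline.
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "prompts").mkdir()
        (root / "prompts" / "qa.txt").write_text("Answer from:\n<doc>{{context}}</doc>\n")
        (root / "system_prompt.md").write_text("You are a helper.\nSystem: {user_input}\n")
        (root / "README.md").write_text("Not a prompt asset: {x}\n")
        return json.loads(scan_directory(d))
```

Calling `demo()` scans two of the three constructed files: the tag-delimited placeholder in `prompts/qa.txt` passes, while the bare placeholder on the `System:` line in `system_prompt.md` triggers both rules.
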
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| directory | Yes | Directory path to scan for prompt template files (.prompt, system_prompt.*, prompts/ directories). | |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes | | |