prompt-injection-detector 作成者: Vishesh Agarwal

AI assistants like GitHub Copilot, ChatGPT, and others read web page content when you ask them to help. Attackers can hide malicious instructions in that content — invisible to you, but visible to the AI — to hijack its behaviour, steal your data, or bypass safety filters.

PromptGuard detects:
- Hidden elements (display:none, visibility:hidden, zero opacity, sub-pixel fonts, same-colour text)
- HTML comments — invisible to humans but read by AI tools ingesting page source
- LLM-specific formats: [INST], system:, assistant: prompt injection patterns

Three sensitivity levels:
- 🟢 Normal — high-confidence imperative overrides only (low false positives)
- 🟠 High — adds jailbreak, DAN, developer-mode, bypass patterns
- 🔴 Ultra — adds roleplay, persona, exfiltration, and LLM prompt-format patterns

Click any finding to flash and scroll to the exact element on the page.

All scanning runs locally in your browser. Nothing is sent anywhere.