iblai-vibe-security-prompt-injection

Installation
SKILL.md

/iblai-vibe-security-prompt-injection

Audit applications that use AI features, LLM integrations, or AI agents for prompt injection, privilege escalation, and authorization bypass.

Do NOT craft attack payloads against production systems without explicit authorization. CTF and authorized red-team contexts are fine — anything else is not.

Background

Prompt injection is LLM01 in the OWASP Top 10 for LLMs — the #1 vulnerability in LLM-integrated apps. Untrusted input influences the instructions an LLM follows, causing it to ignore its system prompt, leak secrets, or take unauthorized actions.

Three attack classes:

  • Direct injection: attacker sends malicious input straight to the LLM (chat input, an AI-processed form field)
  • Indirect injection: attacker plants instructions in data the LLM later consumes (web pages, emails, documents, database records, tool outputs, RAG chunks)
  • Cross-privilege injection: a lower-privileged user plants injection in shared data; a higher-privileged user's AI session consumes it and escalates through the AI layer

Multi-tenant ibl.ai-style platforms are especially exposed to cross-privilege and tenant-leakage variants — audit those paths first.

Step 1: Map the AI Attack Surface

Installs
2
Repository
iblai/vibe
GitHub Stars
14
First Seen
2 days ago
iblai-vibe-security-prompt-injection — iblai/vibe