| Hello HN :) Promptinel is a security scanner for prompts. I think the world needs something like this, because prompts are basically executable artifacts and we need to treat them as such. I want to identify as many bad things as I can before a prompt gets anywhere near runtime. Especially when supplying a common prompt repository for friends or colleagues, or when downloading skills from the internet. You can read more about my motivation in the project's readme: https://github.com/CunningFatalist/promptinel?tab=readme-ov-... Promptinel finds various attack patterns in prompts, for example: - prompt override and role spoofing patterns - download-and-execute chains - template execution and network fetch behavior - secret exfiltration intent - invisible Unicode and obfuscation tricks - local sensitive file references Check out the rule documentation for more: https://github.com/CunningFatalist/promptinel/blob/main/docs... I'm really looking forward to feedback from people, who have built linters or security scanners before. Or just feedback from Go people, really. I'm mainly a PHP and TypeScript dev and use Go in my free time, because I find it fun and love the philosophy behind it. |