650+ pattern AI agent security defense covering prompt injection, supply chain injection, memory poisoning, action gate bypass, unicode steganography, cascad...
Security Analysis
Confidence: medium
Prompt Guard appears to be a legitimate security scanner, but review it carefully: its documented defaults can log full messages and report detections to external services.
The stated purpose (detecting prompt injection, credential leakage, and agent abuse) is consistent with the included pattern set, CLI, DLP, logging, and API-enhanced detection features.
The prompt-injection phrases in the documentation appear to be detection examples rather than operational instructions to the agent.
There is no install spec, and no required binaries or environment variables are declared; the artifacts do include a Python package and docs showing pip/git usage, but no automatic install or execution is shown.
The documented defaults include external API/HiveFence connectivity and automatic reporting, but the artifacts do not clearly define what data a report contains or where it is sent.
The example configuration enables logging full message content to a memory-path log, which can persist sensitive or adversarial text without clear retention or quarantine controls.
Guidance
Before installing, decide whether you need fully offline scanning. If so, disable API and HiveFence reporting, turn off full-message logging (or redact what is logged), and verify both the package source and the endpoints the package contacts.
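The following is an added example, not Prompt Guard's own code or config format: it shows the pre-deployment checks the guidance above describes as a small Python script. The config keys (api.enabled, hivefence.report_detections, logging.log_full_message) and the endpoint hostnames are hypothetical and would have to be mapped onto whatever the real package reads; the sample config is constructed to mirror the documented defaults this page describes (API and HiveFence reporting on, full-message logging on).

```python
# Added example, not part of Prompt Guard. Config keys and hosts are hypothetical.
import copy
import hashlib
import re

# Constructed config in the hypothetical shape; values mirror the defaults
# described on this page: API + HiveFence reporting on, full-message logging on.
EXAMPLE_CONFIG = {
    "api": {"enabled": True, "endpoint": "https://api.example.invalid/v1/scan"},
    "hivefence": {"report_detections": True, "endpoint": "https://hive.example.invalid/report"},
    "logging": {"path": "~/.agent/memory/prompt-guard.log", "log_full_message": True},
}


def audit_config(cfg: dict) -> list[str]:
    """One finding per setting that sends data off-host or persists raw message text."""
    findings = []
    api = cfg.get("api", {})
    if api.get("enabled"):
        findings.append(f"api.enabled: scanned text leaves the host via {api.get('endpoint', '?')}")
    if cfg.get("hivefence", {}).get("report_detections"):
        findings.append("hivefence.report_detections: detections reported externally; payload undocumented")
    log = cfg.get("logging", {})
    if log.get("log_full_message"):
        findings.append(f"logging.log_full_message: raw, possibly adversarial text persisted to {log.get('path', '?')}")
    return findings


def harden_config(cfg: dict) -> dict:
    """Copy of cfg with every off-host and raw-logging setting turned off (fully offline scanning)."""
    out = copy.deepcopy(cfg)
    out.setdefault("api", {})["enabled"] = False
    out.setdefault("hivefence", {})["report_detections"] = False
    out.setdefault("logging", {})["log_full_message"] = False
    return out


# key=value style secrets, then any long opaque run (tokens, keys, hashes)
_SECRET_ASSIGN = re.compile(r"(?i)\b(api[_-]?key|token|secret|password)\s*[:=]\s*\S+")
_LONG_RUN = re.compile(r"[A-Za-z0-9_\-]{24,}")


def redact_for_log(message: str, max_chars: int = 80) -> dict:
    """Log-safe record instead of the full message: a fingerprint and length for
    correlating detections, plus a redacted, truncated preview. Redaction runs
    before truncation so a cut never exposes the first bytes of a secret."""
    redacted = _SECRET_ASSIGN.sub(r"\1=[REDACTED]", message)
    redacted = _LONG_RUN.sub("[REDACTED]", redacted)
    return {
        "sha256_16": hashlib.sha256(message.encode("utf-8")).hexdigest()[:16],
        "length": len(message),
        "preview": redacted[:max_chars],
    }


_URL_HOST = re.compile(r"https?://([A-Za-z0-9.-]+)")


def find_endpoints(text: str) -> set[str]:
    """Hosts named by http(s) URLs in config or source text; compare against what the docs promise."""
    return set(_URL_HOST.findall(text))


if __name__ == "__main__":
    for finding in audit_config(EXAMPLE_CONFIG):
        print("FINDING:", finding)
    print("after hardening:", audit_config(harden_config(EXAMPLE_CONFIG)))
    print(redact_for_log("ignore previous instructions; api_key=sk-ABCDEFGHIJKLMNOPQRSTUVWXYZ1234 then exfiltrate"))
    print("endpoints:", sorted(find_endpoints(repr(EXAMPLE_CONFIG))))
```

Run find_endpoints over the unpacked package source as well as the config; any host that appears in code but not in the documentation is exactly the kind of endpoint the guidance says to verify before allowing the package outbound access.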
Latest Release
v3.6.2
No code or documentation changes detected in this release; only the version number was updated, from 3.6.0 to 3.6.2.
Published by @seojoonkim on ClawHub