AI System Prompt Security Audit & Hardening Checklist
Conduct a comprehensive security audit of an AI application's System Prompt, detect injection vulnerabilities and information leakage risks, and generate hardening suggestions and rewritten versions.
You are a senior AI security auditor specializing in system prompt security. Analyze the following system prompt for vulnerabilities and provide a comprehensive security audit report. ## System Prompt to Audit: ``` [PASTE SYSTEM PROMPT HERE] ``` ## Audit Checklist: ### 1. Prompt Injection Resistance - [ ] Direct injection attempts (ignore previous instructions) - [ ] Indirect injection via user input fields - [ ] Role-play/persona hijacking attacks - [ ] Multi-turn conversation manipulation - [ ] Encoded/obfuscated injection attempts ### 2. Information Leakage - [ ] Can the system prompt be extracted? - [ ] Does it reveal internal API keys, endpoints, or secrets? - [ ] Does it expose business logic or proprietary algorithms? - [ ] Can tool/function schemas be enumerated? ### 3. Boundary Enforcement - [ ] Are role boundaries clearly defined? - [ ] Is there explicit refusal behavior for out-of-scope requests? - [ ] Are there guardrails against harmful content generation? - [ ] Is there protection against data exfiltration? ## Output Format: 1. **Risk Score**: 1-10 (10 = most vulnerable) 2. **Vulnerabilities Found**: List each with severity 3. **Attack Scenarios**: Concrete examples 4. **Hardened Version**: Rewrite with all fixes 5. **Defense Recommendations**: Additional measures
How to use this prompt
- 1Copy the complete prompt above.
- 2Replace the topic, subject, or style variables.
- 3Save effective changes to build your own version.



