Add LLM Prompt Injection skill (vulnerabilities) #616
Greptile Summary
This PR adds a new vulnerability skill file,
Confidence Score: 5/5
Documentation-only change with no code, configuration, or test modifications — entirely safe to merge.
The single changed file is a new skill markdown document. It is accurate, structurally consistent with existing skills, and introduces no executable code or configuration. The Framework-Specific section (LangChain, OpenAI, Anthropic, LlamaIndex, guardrails) addresses the depth gap noted in the previous review thread. No logical or factual issues were found. No files require special attention.
Important Files Changed
Reviews (2): Last reviewed commit: "Add Framework-Specific section (LangChai..."
Great suggestion — you're right that a framework layer matches the depth of
It names the exact sinks/hooks an agent should look for, matching the
Add LLM Prompt Injection skill (vulnerabilities)
This adds a new skill: strix/skills/vulnerabilities/llm_prompt_injection.md.
Why
Strix targets modern applications, and more and more of them ship LLM-backed features (chatbots, assistants, RAG, agents with tools). Yet the vulnerabilities skill set has no coverage of prompt injection — arguably the most important new class in the OWASP LLM Top 10. This gives agents a focused playbook for a class they will increasingly encounter.
What's included
Following the existing skill format (YAML frontmatter + structured sections):
Notes
open_redirect.md, csrf.md).