{"id":"2538b3b8-8f56-4624-b39d-be98bb5f092c","shortId":"6Lj5RV","kind":"skill","title":"Benchmark prompt-injection attacks defenses and recovery pipelines before trusting an LLM app with Open Prompt Injection","tagline":"Run structured prompt-injection attack and defense experiments against an LLM-integrated app before production by measuring attack success and testing detection or recovery pipelines.","description":"# Benchmark prompt-injection attacks defenses and recovery pipelines before trusting an LLM app with Open Prompt Injection\n\nRun structured prompt-injection attack and defense experiments against an LLM-integrated app before production by measuring attack success and testing detection or recovery pipelines.\n\n## Prerequisites\n\nConda-managed Python environment, upstream repository checkout, model API credentials as configured upstream, target task and attack configuration files\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- conda env create -f environment.yml --name my_custom_env\n- conda activate my_custom_env\n\nRequirements and caveats from upstream:\n- Required Python packages: python\n\nBasic usage or getting-started notes:\n- Then activate the environment.\n- A simple demo: before you start, go to './configs/model\\_configs/palm2\\_config.json' and replace the API keys with your real keys. Please refer to Google's official site for how to obtain an API key for PaLM2. For Meta's Llama model...\n\n- Source: https://github.com/liu00222/Open-Prompt-Injection\n- Extracted from upstream docs: https://raw.githubusercontent.com/liu00222/Open-Prompt-Injection/HEAD/README.md\n\n## Documentation\n\n- https://github.com/liu00222/Open-Prompt-Injection\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/benchmark-prompt-injection-attacks-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection/)","tags":["benchmark","prompt","injection","attacks","defenses","and","recovery","pipelines","before","trusting","llm","app"],"capabilities":["skill","source-agentskillexchange","skill-benchmark-prompt-injection-attacks-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/benchmark-prompt-injection-attacks-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,494 
chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:09:37.175Z","embedding":null,"createdAt":"2026-05-18T13:15:24.556Z","updatedAt":"2026-05-18T19:09:37.175Z","lastSeenAt":"2026-05-18T19:09:37.175Z","prices":[{"id":"5613a162-714f-44a5-8c2b-d888baf838df","listingId":"2538b3b8-8f56-4624-b39d-be98bb5f092c","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:15:24.556Z"}],"sources":[{"listingId":"2538b3b8-8f56-4624-b39d-be98bb5f092c","source":"github","sourceId":"agentskillexchange/skills/benchmark-prompt-injection-attacks-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/benchmark-prompt-injection-attacks-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection","isPrimary":false,"firstSeenAt":"2026-05-18T13:15:24.556Z","lastSeenAt":"2026-05-18T19:09:37.175Z"}],"details":{"listingId":"2538b3b8-8f56-4624-b39d-be98bb5f092c","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"benchmark-prompt-injection-attacks
-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"b575022daa68f2907439b2dffa1105df9b77fae5","skill_md_path":"skills/benchmark-prompt-injection-attacks-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/benchmark-prompt-injection-attacks-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Benchmark prompt-injection attacks defenses and recovery pipelines before trusting an LLM app with Open Prompt Injection","description":"Run structured prompt-injection attack and defense experiments against an LLM-integrated app before production by measuring attack success and testing detection or recovery pipelines."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/benchmark-prompt-injection-attacks-defenses-and-recovery-pipelines-before-trusting-an-llm-app-with-open-prompt-injection"},"updatedAt":"2026-05-18T19:09:37.175Z"}}