Back to Hooks

Prompt Injection Defense

PostToolUse

Scans tool outputs for prompt injection patterns including instruction overrides, role-playing attempts, and encoding obfuscation

securityprompt-injectiondefensescanning
By Lasso Security

Hook Script

#!/bin/bash
# Prompt Injection Defense Hook
# Scans tool output for common prompt injection patterns

OUTPUT="$1"

# Injection patterns to detect
PATTERNS=(
  "ignore (all |any )?(previous|prior|above) (instructions|prompts|rules)"
  "you are now (a |an )?[A-Za-z]+"
  "new instructions:"
  "system prompt:"
  "\\x[0-9a-fA-F]{2}"
  "IMPORTANT:.*override"
  "forget (everything|all|your)"
  "<system>"
  "\[INST\]"
  "Human:|Assistant:"
)

for pattern in "${PATTERNS[@]}"; do
  if echo "$OUTPUT" | grep -qiE "$pattern"; then
    echo "WARNING: Potential prompt injection detected in tool output."
    echo "Pattern matched: $pattern"
    echo "Review the output carefully before proceeding."
    exit 2
  fi
done

exit 0

Settings Configuration

{
  "hooks": {
    "PostToolUse": [
      {
        "matcher": "Read|Bash|WebFetch",
        "command": "./hooks/prompt-injection-defense.sh"
      }
    ]
  }
}

How to use

  1. Create a hooks directory in your project: mkdir hooks
  2. Save the hook script as hooks/prompt-injection-defense.sh
  3. Make it executable: chmod +x hooks/prompt-injection-defense.sh
  4. Add the configuration to your Claude Code settings
  5. Restart Claude Code to apply changes
View source on GitHub

You might also like

Secret Scanner
Hooks