Getting started

To get started, first install the application from the Github Marketplace:

https://github.com/marketplace/prompt-shieldgithub.com

Once you've installed the application, select the repository you want to work with, and create a file called

.github/prompt-defender.yml

In this file, we'll add our test configuration

Configuration

prompts:
  - 'path/to/your/prompt-file1.txt'
  - 'path/to/your/prompt-file2.txt'
threshold: 0.5

Replace path/to/your/prompt-file1.txt and path/to/your/prompt-file2.txt with the paths to the prompt files you want to test.

What does threshold mean?

Threshold is the score (with a max score of 1.0) that you want your prompt to hit before you let the prompt pass - so, in simple terms if your threshold is 0.5 then a security score below 0.5 causes a failure

Deploy the file to a branch

Deploy the file, and watch your pull request for the test:

If you pass, congrats 🎉

If not, you'll get some quick wins on how to improve the prompt to make sure it passes:

Details

To see more details, click the 'View more details' button and you'll see the score, along with suggestions for improvement. This will take you to the "score" page - with details on improvements that you can make to your prompt.

You can even get improvements automatically - click 'Improve score' and you'll get a hardened prompt for you to use - this will take your prompt information and suggest and improved prompt that you can use to update your prompt:

Copy the result, paste it back into your prompt file - and the test will automatically re-run (alternatively, you can get the score for the latest prompt by clicking 'score your prompt')

It really is as simple as that!