Free Checklist
AI Agent Prompt Security
A starting checklist for reviewing AI-agent prompts, tool access, risky instructions, and CI-friendly prompt checks. Reduce prompt injection risk, tighten trust boundaries, and make LLM pipelines safer to operate.
Full checklist coming soon
I'm finalising this checklist. Join updates to receive it when it drops, along with other practical security resources.
What this checklist covers
Audit system prompts for sensitive data leakage or overly broad permissions
Review tool access: does the agent need all the tools it has access to?
Check for prompt injection vectors in user-controlled inputs
Verify trust boundaries between agent roles and external data sources
Review output handling: are responses validated before acting on them?
Assess whether the agent can be instructed to ignore its system prompt
Add CI-friendly prompt lint checks to catch risky patterns pre-deployment
Log agent interactions for auditability and anomaly detection
+ more in the full checklist