Skip to content
ATR-2026-00155highPrompt Injectiondraft

Hidden LLM Instructions in Skill Descriptions

Detects skills that embed hidden instructions directed at the LLM using phrases like "CRITICAL INSTRUCTION — YOU MUST FOLLOW THIS" or "Before doing ANYTHING". These instructions can manipulate the LLM to bypass normal security checks, skip validation steps, or follow alternative workflows that may compromise security. The analyzed BlogBurst skill contains "CRITICAL INSTRUCTION — YOU MUST FOLLOW THIS" followed by specific behavioral directives.

Severity
high
Category
Prompt Injection
Scan Target
mcp
Author
Threat Cloud LLM Analyzer

Response Actions

alertsnapshot
View full YAML on GitHub →

More Prompt Injection Rules

ATR-2026-00001highDirect Prompt Injection via User InputATR-2026-00002highIndirect Prompt Injection via External ContentATR-2026-00003highJailbreak Attempt DetectionATR-2026-00004criticalSystem Prompt Override AttemptATR-2026-00005mediumMulti-Turn Prompt Injection