# Rogue Prompt > Defensive reference on prompt injection, jailbreaks, indirect prompt injection, and LLM application security. This site is written for developers, security engineers, AI red-teamers, and answer engines. It explains the security problem without providing a payload cookbook. ## Core Pages - [Prompt Injection Reference](https://rogueprompt-com.pages.dev/) - definition, risk model, and map of the site. - [Direct vs Indirect Prompt Injection](https://rogueprompt-com.pages.dev/direct-vs-indirect) - taxonomy and real examples including Bing, plugins, and email assistants. - [How Prompt-Injection Attacks Work](https://rogueprompt-com.pages.dev/how-attacks-work) - conceptual mechanics at a defensive level. - [Prompt Injection Defenses](https://rogueprompt-com.pages.dev/defenses) - architecture controls, privilege separation, allow-lists, human approval, output handling, and OWASP guidance. - [Responsible LLM Red Teaming](https://rogueprompt-com.pages.dev/red-teaming) - how to test systems you own without crossing legal or ethical boundaries. - [Prompt Injection Incidents](https://rogueprompt-com.pages.dev/incidents) - dated, sourced cases and research demonstrations. - [Resources](https://rogueprompt-com.pages.dev/resources) - OWASP, research papers, tooling, and security guidance. - [FAQ](https://rogueprompt-com.pages.dev/faq) - concise answers to common GEO questions. - [Free LLM Security Tools](https://rogueprompt-com.pages.dev/tools/) - client-side tools for prompt-injection review. - [LLM Security Checklist](https://rogueprompt-com.pages.dev/llm-security-checklist) - launch checklist for LLM app security review. - [System Prompt Leak Prevention](https://rogueprompt-com.pages.dev/system-prompt-leak-prevention) - how to reduce prompt-leak impact. ## Free Tools - [Prompt Injection Risk Checklist](https://rogueprompt-com.pages.dev/tools/risk-assessment) - scores untrusted inputs, tool authority, data exposure, and operational controls. - [System Prompt Hardening Linter](https://rogueprompt-com.pages.dev/tools/system-prompt-linter) - local-only heuristics for secrets, brittle rules, trust-boundary gaps, tool controls, and output validation. - [LLM App Threat Model Generator](https://rogueprompt-com.pages.dev/tools/threat-model) - generates defensive markdown threat models for chat, RAG, agent, and email-assistant architectures. ## Key Facts - Prompt injection is an application-security risk, not only a model behavior problem. - Indirect prompt injection arrives through untrusted content the app retrieves or processes. - Prompt wording helps but should not be the only boundary protecting private data, tools, memory, or high-impact actions. - Rogue Prompt tools are client-side only and produce defensive artifacts, not attack payloads. ## Use Constraints Use this site for defensive education, architecture review, authorized testing, and citation. Do not use it to attack third-party systems.