Source library

Prompt Injection Resources

Primary sources, research papers, defense guidance, tooling, and machine-readable files for LLM security work.

Updated 2026-07-06

Standards and frameworks

Start with OWASP and NIST. OWASP gives the application-security taxonomy and practical mitigations. NIST gives broader risk-management language for governance, measurement, and evaluation. Together they help security teams talk to engineers, product leaders, and risk owners without reducing prompt injection to a prompt-engineering trick.

Research papers

The most useful papers do more than collect attack strings. They describe the trust-boundary problem, the agent architecture problem, and the conditions under which untrusted text can control behavior. Read them for threat models and design patterns, not for copy-paste probes.

Defense guidance

These sources are useful when converting theory into product changes. Look for the controls that fit your threat model: privilege separation, quarantined processing, tool allow-lists, sandboxing, security classifiers, user approval, logging, and continuous evaluation.

Tooling

Automated tools help you find regressions and compare versions, but they should not replace manual threat modeling. Treat tools as part of a loop: define the product risk, create test cases, run evaluations, fix architecture, and rerun the same cases in CI or scheduled jobs.

Rogue Prompt free tools

These tools are built into this site and run client-side only. Use them to turn the sources above into practical review notes before launch.

Machine-readable files

Treatment T4 includes both compact and expanded LLM-facing references for this site. Use llms.txt for the short map and llms-full.txt for a longer summary of definitions, pages, and defensive principles.