Skip to content

Commit e612db2

Browse files
BazookaMusicBazookaMusic
committed
Promote user prompt injection query to stable security
Move UserPromptInjection out of experimental into stable JavaScript security locations. Set js/user-prompt-injection precision to low and remove experimental tagging. Move supporting dataflow libraries, qhelp/examples, and tests to stable paths and update references.
1 parent d0ffde8 commit e612db2

14 files changed

Lines changed: 6 additions & 7 deletions

File tree

javascript/ql/src/experimental/semmle/javascript/security/PromptInjection/UserPromptInjectionCustomizations.qll renamed to javascript/ql/lib/semmle/javascript/security/dataflow/UserPromptInjectionCustomizations.qll

File renamed without changes.

javascript/ql/src/experimental/semmle/javascript/security/PromptInjection/UserPromptinjectionQuery.qll renamed to javascript/ql/lib/semmle/javascript/security/dataflow/UserPromptInjectionQuery.qll

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,8 @@
22
* Provides a taint-tracking configuration for detecting "prompt injection" vulnerabilities.
33
*
44
* Note, for performance reasons: only import this file if
5-
* `PromptInjection::Configuration` is needed, otherwise
6-
* `PromptInjectionCustomizations` should be imported instead.
5+
* `UserPromptInjectionFlow::Configuration` is needed, otherwise
6+
* `UserPromptInjectionCustomizations` should be imported instead.
77
*/
88

99
private import javascript

javascript/ql/src/experimental/Security/CWE-1427/UserPromptInjection.qhelp renamed to javascript/ql/src/Security/CWE-1427/UserPromptInjection.qhelp

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ context, or trigger unintended tool calls.</p>
2020
<ul>
2121
<li>Ensure that all data flowing into user-input is intended and necessary for the purpose of the AI system.</li>
2222
<li>Ensure the system prompt clearly describes the purpose, scope and boundaries of the AI system. Instruct the system to deny input that falls outside these boundaries.</li>
23-
<li>If creating a prompt out of multiple user-controlled values, assume that each of them can be malicious. Ensure the range of possible values is restricted and validated.
23+
<li>If creating a prompt out of multiple user-controlled values, assume that each of them can be malicious. Ensure the range of possible values is restricted and validated.
2424
For example, if a prompt includes a question and the intended language to respond in, validate that the language is one of the supported options.</li>
2525
<li>Consider using guardrails on the input like the OpenAI guardrails library to enforce constraints and prevent malicious content from being processed.</li>
2626
<li>Apply output filtering to detect and block responses that indicate prompt injection attempts.</li>

javascript/ql/src/experimental/Security/CWE-1427/UserPromptInjection.ql renamed to javascript/ql/src/Security/CWE-1427/UserPromptInjection.ql

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,15 +5,14 @@
55
* @kind path-problem
66
* @problem.severity warning
77
* @security-severity 5.0
8-
* @precision medium
8+
* @precision low
99
* @id js/user-prompt-injection
1010
* @tags security
11-
* experimental
1211
* external/cwe/cwe-1427
1312
*/
1413

1514
import javascript
16-
import experimental.semmle.javascript.security.PromptInjection.UserPromptinjectionQuery
15+
import semmle.javascript.security.dataflow.UserPromptInjectionQuery
1716
import UserPromptInjectionFlow::PathGraph
1817

1918
from UserPromptInjectionFlow::PathNode source, UserPromptInjectionFlow::PathNode sink

javascript/ql/src/experimental/Security/CWE-1427/examples/user-prompt-injection.js renamed to javascript/ql/src/Security/CWE-1427/examples/user-prompt-injection.js

File renamed without changes.

javascript/ql/src/experimental/Security/CWE-1427/examples/user-prompt-injection_fixed.js renamed to javascript/ql/src/Security/CWE-1427/examples/user-prompt-injection_fixed.js

File renamed without changes.

javascript/ql/test/experimental/Security/CWE-1427/UserPromptInjection/UserPromptInjection.expected renamed to javascript/ql/test/Security/CWE-1427/UserPromptInjection/UserPromptInjection.expected

File renamed without changes.

javascript/ql/test/Security/CWE-1427/UserPromptInjection/UserPromptInjection.qlref

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
Security/CWE-1427/UserPromptInjection.ql

javascript/ql/test/experimental/Security/CWE-1427/UserPromptInjection/anthropic_user_test.js renamed to javascript/ql/test/Security/CWE-1427/UserPromptInjection/anthropic_user_test.js

File renamed without changes.

javascript/ql/test/experimental/Security/CWE-1427/UserPromptInjection/gemini_user_test.js renamed to javascript/ql/test/Security/CWE-1427/UserPromptInjection/gemini_user_test.js

File renamed without changes.

0 commit comments

Comments
 (0)