Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude
ClaudSkills / General / general-misc

prompt-injection-defense

Category: General  ·  Sub-category: general-misc  ·  Last updated:
ai:llm
Contain direct and indirect prompt injection in LLM-integrated applications. Covers source-of-trust tagging, tool-use confirmation after untrusted input, output validation, markdown-image exfiltration prevention, and context-window hygiene. Invoke when building any app where untrusted text reaches an LLM, when the LLM has tools that act on real systems, or after a suspected injection incident.
Security AStatic scan found no risk patternsHow grading works ›

From the source SKILL.md

Prompt injection is not a bug you can patch — it is the input/output behavior of LLMs. You can only contain it: limit what an attacker can cause to happen when they succeed, not whether they can attempt it.

What this skill does

prompt-injection-defense is a community-contributed Claude Code skill in the general-misc sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/gw360--prompt-injection-defense/ and loads when your prompt matches the skill's trigger.

Who uses this skill

The prompt-injection-defense Claude Code skill is built for Claude Code users and developers across all disciplines looking for general-purpose AI assistance. It's part of ClaudSkills (also referred to as Claude Skills or Claude Code Skills) — the open community-curated registry of 146,000+ SKILL.md files for Anthropic's Claude Code agent and the wider Claude ecosystem (Claude API, Claude Agent SDK).

How to install

Free

Manual install (2 steps)

mkdir -p ~/.claude/skills/gw360--prompt-injection-defense
curl -L https://claudskills.com/skills/gw360--prompt-injection-defense/SKILL.md \
  -o ~/.claude/skills/gw360--prompt-injection-defense/SKILL.md

Or just download SKILL.md directly and drop it into ~/.claude/skills/gw360--prompt-injection-defense/. Claude Code auto-discovers it on next session.

Skills live at ~/.claude/skills/gw360--prompt-injection-defense/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\gw360--prompt-injection-defense\SKILL.md on Windows. See the full install guide for step-by-step instructions.

Telegram

📱 Install from your phone or desktop Telegram

Open @claudskills_bot on Telegram, tap Open Desktop App, and the desktop app installs this skill for you. Or share the bot link with a colleague — they get the same one-tap install. Learn more →

Pro

One-click install via the desktop app

The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.

Pro

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

Frequently asked questions

How do I install the prompt-injection-defense Claude Code skill?
Install via the ClaudSkills desktop app (one click) or copy SKILL.md from the source repository to ~/.claude/skills/gw360--prompt-injection-defense/SKILL.md and restart Claude Code. Both flows are detailed at claudskills.com/install/.
What does the prompt-injection-defense skill do?
Contain direct and indirect prompt injection in LLM-integrated applications. Covers source-of-trust tagging, tool-use confirmation after untrusted input, output validation, markdown-image exfiltration prevention, and context-window hygiene. Invoke when building any app where untrusted text reaches an LLM, when the LLM has tools that act on real systems, or after a suspected injection incident.
Is this skill free to install?
Yes. ClaudSkills is an open registry — every skill keeps its source repository's license, and manual install via copy is free. ClaudSkills Pro ($9/mo, $79/yr, or $149 one-time) adds one-click install via the desktop app and a multi-signal Quality Score.
When should I use the prompt-injection-defense skill?
Use prompt-injection-defense when your Claude Code task falls under the General category — specifically in the general misc area. Claude Code auto-discovers installed skills and invokes the right one based on the task description, so you can also ask Claude directly (e.g. "use prompt-injection-defense" or describe the task and let Claude pick). Browse related skills at /category/general/.
What is a Claude Code skill and how does the prompt-injection-defense skill fit in?
A Claude Code skill is a SKILL.md file that lives under ~/.claude/skills/<name>/ and tells the Claude Code CLI agent how to perform a specific task (instructions, prompts, allowed tools). Skills are auto-discovered at session start. prompt-injection-defense is one of 67,000+ skills indexed in the open ClaudSkills catalog, classified under the General category. Learn more at /learn/what-is-a-claude-skill/.

Attribution & license

Cite this skill

If you reference this skill in a blog post, paper, or documentation, you can cite it as:

APA
phamlongh230-lgtm. (2026). prompt-injection-defense [Claude Code skill]. ClaudSkills. https://claudskills.com/skills/gw360--prompt-injection-defense/
BibTeX
@misc{gw360--prompt-injection-defense-2026,
  author    = {phamlongh230-lgtm},
  title     = {prompt-injection-defense [Claude Code skill]},
  year      = {2026},
  publisher = {ClaudSkills},
  url       = {https://claudskills.com/skills/gw360--prompt-injection-defense/}
}

Embed this skill

Promote, attribute, or link this skill from your own README, blog post, or documentation. All three snippets are free to use — no sign-up, no API key. More distribution surfaces →

Badge
[![ClaudSkills](https://claudskills.com/badge/gw360--prompt-injection-defense.svg)](https://claudskills.com/skills/gw360--prompt-injection-defense/?utm_source=badge&utm_medium=readme&utm_campaign=skill_badge)
<script>
<script src="https://claudskills.com/embed/gw360--prompt-injection-defense.js" async></script>
<iframe>
<iframe src="https://claudskills.com/embed/gw360--prompt-injection-defense.html" width="100%" height="160" frameborder="0" loading="lazy" title="ClaudSkills: prompt-injection-defense"></iframe>

Security scan

Grade A · scanned 2026-07-06 — free static scan against the OWASP Agentic Skills Top 10.

The scan flagged 1 of 10 categories (prompt-injection), including a high-severity pattern. Patterns shown inside code fences are weighted as examples rather than instructions — read the grading methodology for what this does and does not guarantee.

Show this grade on your repo (click to copy):

[![Security: A](https://img.shields.io/badge/Security-A-2e7d32)](https://claudskills.com/skills/gw360--prompt-injection-defense/#security)

Free. No spam. Unsubscribe in one click.

More General skills

Browse all General skills in the ClaudSkills registry, or explore these other picks from the same category:

Browse all General skills → Top 100 skills
Part of ClaudSkills — the open registry for Claude Skills & Claude Code Skills.  ·  What's New  ·  Install guide  ·  About  ·  llms.txt

Part of Acreator Store — Adam Lankamer's AI tools: PerfectStudio · Ucaption · UTagger · AutoXPoster · TestYourSkills · AutomationFlows · Au Naturel · Telegram @acreatorstore