Prompt Injection Tester

Agent

Red-teams your agent's prompts and tools against injection attacks.

4.8(78)23.8k installs1.5k likesUpdated 6 days ago

High riskMITSecurity reviewedFree

Prompt Injection Tester

A red-team harness for agents. It runs a curated library of injection and jailbreak payloads against your agent and reports what broke.

Attack classes

Direct injection — "ignore previous instructions" and friends
Indirect injection — payloads hidden in tool output / fetched pages
Context exfiltration — attempts to leak the system prompt or secrets
Tool misuse — coaxing unintended runCommands / network calls

Install

bash

npx nuclexa install prompt-injection-tester --target claude-code

Requests network and runCommands to exercise your agent in a sandbox. Run it against your own agents only.

Report

Each payload is scored: blocked, partial, or compromised, with the transcript and a hardening suggestion.

Demo

prompt-injection-tester — preview

Interactive demo coming soon

A short walkthrough of Prompt Injection Tester in action will appear here.

Supported platforms

CCClaude CodeCuCursorOAOpenAI AgentsMMCP-compatible

Installation

Install or export Prompt Injection Tester for any platform it supports.

Claude Code

$ npx nuclexa install prompt-injection-tester --target claude-code

Cursor

$ npx nuclexa install prompt-injection-tester --target cursor

OpenAI Agents

$ npx nuclexa export prompt-injection-tester --target openai-agents

MCP-compatible

$ npx nuclexa install prompt-injection-tester --target mcp

Required permissions

High risk

Read files
Read files in the workspace.
Write files
Create or modify files in the workspace.
Run shell commands
Execute commands in your shell.
Network access
Make outbound network requests.
Access environment variables
Read process environment variables.
Access browser
Control a browser session.
Access git history
Read commit history and diffs.
Access secrets
Read configured secrets and tokens.

This package requests high-risk permissions. Review the source and only install from creators you trust.

Compatibility

How Prompt Injection Tester behaves across supported runtimes.

Platform	Status	Install method
CCClaude Code	Supported	CLI install
CuCursor	Supported	Cursor rule
OAOpenAI Agents	Exportable	agent.json export
MMCP-compatible	Supported	MCP config

License & safety

License

MITOpen source — free for commercial use.

Safety note

Every install shows its full permission scope before it runs. This package has been security reviewed by Nuclexa.

Platform

Status

Install method

CCClaude Code

Supported

CLI install

CuCursor

Supported

Cursor rule

OAOpenAI Agents

Exportable

agent.json export

MMCP-compatible

Supported

MCP config