C 67/100
First Seen: Feb 18, 2026
Last Scanned: Feb 20, 2026
Findings: 2
Score: 67/100
CRITICAL: 1
MEDIUM: 1
Findings (2)
CRITICAL
Fake system prompt
L363 Detects content pretending to be a system prompt
system prompt:
FIX
Remove encoded or obfuscated directives (base64, ROT13, unicode escapes, hex-encoded text). All text should be in plaintext and human-readable.
FP?
Likely FP if the encoded content is legitimate data (e.g., a base64-encoded image, a hex-encoded binary hash) rather than concealed directives.
MEDIUM
Conversation history poisoning
L626 Detects fake conversation history injection
User: Yes
FIX
Remove social engineering language that attempts to manipulate the agent through urgency, emotional appeals, or authority claims.
FP?
Likely FP if the matched text is part of a legitimate skill description that uses urgency language for user-facing features (e.g., an incident response tool).