PromptShieldThreatReport
Defined in: types.ts:113
Report describing a detected threat span.
NOTE: A ThreatReport represents a span, not a single character. Adjacent suspicious characters should be grouped into one report.
Properties
category
category: ThreatCategory
Defined in: types.ts:123
Threat classification
decodedPayload?
optional decodedPayload: string
Defined in: types.ts:168
Optional decoded payload extracted from concealed content.
Example: "ignore previous instructions"
loc
loc: ThreatLoc
Defined in: types.ts:137
Location of the threat start
message
message: string
Defined in: types.ts:134
Human-readable diagnostic message.
Describes WHAT was detected and WHY it matters. This should not include remediation steps.
offendingText
offendingText: string
Defined in: types.ts:145
The substring responsible for the detection.
This may contain multiple characters if the threat represents a sequence.
readableLabel?
optional readableLabel: string
Defined in: types.ts:153
Optional readable label for UI rendering.
Example: "[ZWSP × 3]"
referenceUrl
referenceUrl: string
Defined in: types.ts:176
Reference documentation explaining the risk.
Example: https://promptshield.js.org/docs/detectors/invisible-chars#PSU001
ruleId
ruleId: string
Defined in: types.ts:120
Stable rule identifier.
Example: "PSU001", "PST001", "PSI002"
severity
severity: Severity
Defined in: types.ts:126
Risk severity
suggestion?
optional suggestion: string
Defined in: types.ts:160
Suggested remediation guidance.
This is optional and may vary by environment (editor, CI, UI).
suppressed?
optional suppressed: boolean
Defined in: types.ts:182
Indicates whether this threat was suppressed by an ignore directive.