PromptShieldPromptShield CLI
Overview
production-grade CLI for auditing AI prompts. Detects invisible characters, homoglyph attacks, and adversarial Unicode poisoning in your development workflow.
✨ Features
- CI/CD Ready: Exit codes for passing/failing builds based on threat severity.
- Scanning: Detect invisible characters, BIDI overrides, and homoglyphs.
- Sanitization: Automatically strip dangerous characters (where safe).
- Configuration: Support for
.promptshieldrcand.promptignore. - JSON Output: Machine-readable reports for dashboard integration.
📦 Installation
# Global installation
$ pnpm install -g @promptshield/cli
# Project dependency
$ pnpm add -D @promptshield/cli🚀 Usage
View complete usage guide and configurations
Basic Scan
Scan all files in the current directory (respects .gitignore and .promptignore).
$ promptshield scanScan specific files or globs:
$ promptshield scan "prompts/**/*.txt" "src/**/*.ts"Options
| Option | Description |
|---|---|
--check | Fail (exit code 1) on the first detected threat. Ideal for CI. |
--json | Output results in JSON format. |
--strict | Enable stricter sanitization rules. |
--write | Write fixes to disk (used with fix or sanitize). |
--config <file> | Path to a specific config file. |
--init | Generate a default configuration file. |
Commands
scan
Analyzes files for threats without modifying them.
$ promptshield scan --json > report.jsonfix
Applies safe automatic fixes to files.
$ promptshield fix --writesanitize
Aggressively cleans text content (may be destructive for some binary/encoded data).
$ promptshield sanitize --write⚙️ Configuration
Create a promptshield.config.json (or use --init):
{
"minSeverity": "HIGH",
"disableHomoglyphs": false,
"exclude": ["**/node_modules/**", "**/*.min.js"]
}📚 Deep Dives: For comprehensive explanation of commands and config schemas, see the Documentation section.
License
This library is licensed under the MIT open-source license.
with 💖 by Mayank Kumar Chaudhari