The evidence layer for prompt‑injection testing.
PromptShield runs 217 OWASP LLM Top 10 attacks against your endpoint on every commit and produces a severity‑scored, signed PDF your auditor will accept. Continuous. Reproducible. Paid plans launching in private beta — join the waitlist.
$ npx promptshield scan \
    --endpoint https://api.acme.com/v1/chat \
    --prompt "Summarize this doc: {doc}"
Running 217 attacks... done in 83s
✓ PSI-2026-0042 CRITICAL Tool-call hijacking via retrieved doc
✗ PSI-2026-0041 HIGH Indirect injection in system prompt
Report: ./promptshield-report-2026-04-25.pdf

Built like a security advisory, not a SaaS funnel.
Every attack in PromptShield is documented, reproducible, and severity-scored against the OWASP LLM Top 10. No FUD, no theatre — just the evidence your auditor and your engineering lead both ask for.
Reproducible payloads
Every finding ships with the exact prompt, the response, the CVSS score, and a one-click rerun. Diff against your last green build.
9 of 10 OWASP LLM categories
217 attacks across direct + indirect injection, tool-call hijacking, exfiltration, jailbreaks and prompt leakage. LLM08 (Vector & Embedding Weaknesses) shipping 2026.05. Updated monthly.
Procurement-ready PDFs
Signed, branded, severity-scored. The artefact your customer's procurement reviewer will actually accept on the first request.
CI gate, not a screenshot
One-line GitHub Action or `npx promptshield scan`. Fails the build on regressions; opens a PR comment with the offending payload.
Attack research, not vibes
Every catalogue entry references public incidents, CVE filings or peer-reviewed disclosures. We cite our sources.
Continuous, not point-in-time
Daily catalogue diffs, scheduled rescans, and alert-on-new-attack. Your audit evidence is a feed, not a screenshot from last quarter.
Field notes from the catalogue.
Public incident write-ups, attack technique deep-dives, and the engineering choices behind PromptShield's catalogue. Written for AppSec engineers and ML platform leads, not buyers.
Five public agent-exfiltration incidents and the payloads behind them. (14 min read)
Why function-call schemas are the new SQL injection. (9 min read)
What an ISO 42001 auditor actually wants to see for prompt-injection controls. (11 min read)
Point us at a staging endpoint.
Get a finding back in ninety seconds.
Paste an API URL and a sample prompt. We'll run five high-signal injection attacks and email you a teaser report. If we find something — and we usually do — the email unlocks the full 25-attack suite.