Prompt-injection scan
A prompt-injection scan is a check run over any text an agent is about to execute or ingest — a task description, shared content, a transcript — that flags instruction-override, destructive-command, secret-exfiltration, and jailbreak patterns before the text ever reaches the agent's prompt.
In an autonomous pipeline the task text IS the attack surface: whoever can write a ticket can try to steer the agent that executes it. Scanning before prompt assembly means a flagged task simply never runs; it parks with the evidence for a human to inspect.
A scanner is one layer, not a guarantee. It belongs alongside authorship allowlists, no-auto-execution defaults for untrusted content, and attribution for everything an agent ingests.
related terms