hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-14 19:29:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improve prompt inject for Python

Browse Source
This commit is contained in:
Josef Svenningsson
2026-04-02 17:42:37 +01:00
parent c9fa7fa283
commit bb18bb084c
4 changed files with 53 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
python/ql/lib/semmle/python/frameworks/anthropic.model.yml Normal file
View File

@@ -0,0 +1,17 @@
extensions:
- addsTo:
pack: codeql/python-all
extensible: sinkModel
data:
- ['Anthropic', 'Member[messages].Member[create].Argument[system:]', 'prompt-injection']
- ['Anthropic', 'Member[messages].Member[stream].Argument[system:]', 'prompt-injection']
- ['Anthropic', 'Member[beta].Member[messages].Member[create].Argument[system:]', 'prompt-injection']
- ['Anthropic', 'Member[messages].Member[create].Argument[messages:].ListElement.DictionaryElement[content]', 'prompt-injection']
- ['Anthropic', 'Member[messages].Member[stream].Argument[messages:].ListElement.DictionaryElement[content]', 'prompt-injection']
- ['Anthropic', 'Member[beta].Member[messages].Member[create].Argument[messages:].ListElement.DictionaryElement[content]', 'prompt-injection']
- addsTo:
pack: codeql/python-all
extensible: typeModel
data:
- ['Anthropic', 'anthropic', 'Member[Anthropic,AsyncAnthropic].ReturnValue']

3
python/ql/lib/semmle/python/frameworks/openai.model.yml
View File

@@ -4,6 +4,9 @@ extensions:
extensible: sinkModel
data:
- ['OpenAI', 'Member[beta].Member[assistants].Member[create].Argument[instructions:]', 'prompt-injection']
- ['OpenAI', 'Member[chat].Member[completions].Member[create].Argument[messages:].ListElement.DictionaryElement[content]', 'prompt-injection']
- ['OpenAI', 'Member[responses].Member[create].Argument[instructions:]', 'prompt-injection']
- ['OpenAI', 'Member[responses].Member[create].Argument[input:]', 'prompt-injection']
- addsTo:
pack: codeql/python-all