> ## Documentation Index
> Fetch the complete documentation index at: https://threatbasis.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Prompt Engineering for Security

> Security-specific prompt patterns, chain-of-thought reasoning for threat analysis, adversarial prompt testing, and defensive prompt design.

Prompt engineering for security requires specialized techniques that account for the unique requirements of security analysis, the adversarial nature of security work, and the critical importance of accuracy in security decisions. Security engineers craft prompts that elicit precise, actionable responses while defending against prompt injection and manipulation attempts.

Effective security prompts leverage domain-specific patterns, structured reasoning approaches, and defensive techniques that ensure AI systems provide reliable security guidance. This discipline combines traditional prompt engineering with security-specific considerations around trust, verification, and adversarial robustness.

## Security Prompt Fundamentals

Security prompts must balance several competing requirements:

| Requirement   | Challenge                            | Approach                                |
| ------------- | ------------------------------------ | --------------------------------------- |
| Accuracy      | Security decisions require precision | Structured output, verification steps   |
| Completeness  | Missing context leads to errors      | Explicit context requirements           |
| Defensibility | Prompts are attack surfaces          | Input sanitization, guardrails          |
| Auditability  | Decisions must be explainable        | Chain-of-thought, citations             |
| Consistency   | Reproducible analysis                | Temperature control, structured prompts |

## Prompt Patterns for Security

### Threat Analysis Prompts

Structured approaches for analyzing security events and threats.

### Incident Investigation Prompts

Guiding systematic investigation workflows.

### Vulnerability Assessment Prompts

Evaluating security weaknesses and remediation.

### Policy Compliance Prompts

Checking configurations against security policies.

## Chain-of-Thought for Security

### Structured Reasoning

Breaking complex security analysis into verifiable steps.

### Evidence-Based Analysis

Requiring citations and supporting evidence.

### Confidence Calibration

Expressing uncertainty appropriately in security contexts.

## Defensive Prompt Engineering

### Prompt Injection Prevention

Protecting against adversarial input manipulation.

### Input Sanitization

Cleaning user and data inputs before prompt inclusion.

### Output Validation

Verifying AI responses meet security requirements.

### Guardrail Implementation

Constraining AI behavior within safe boundaries.

## Adversarial Testing

| Test Category      | Description                            | Example                           |
| ------------------ | -------------------------------------- | --------------------------------- |
| Direct injection   | Explicit instruction override attempts | "Ignore previous instructions..." |
| Indirect injection | Malicious content in retrieved data    | Poisoned documents                |
| Jailbreaking       | Bypassing safety constraints           | Role-playing attacks              |
| Data extraction    | Attempting to leak system prompts      | "Repeat your instructions"        |
| Confusion attacks  | Ambiguous inputs causing errors        | Homoglyph attacks                 |

### Red Team Prompt Testing

### Automated Adversarial Evaluation

## Implementation Patterns

### Template Management

### Version Control for Prompts

### A/B Testing Security Prompts

## Quality Metrics

| Metric               | Description                        | Target    |
| -------------------- | ---------------------------------- | --------- |
| Response accuracy    | Correctness of security analysis   | > 95%     |
| Injection resistance | Successful defense against attacks | > 99%     |
| Consistency score    | Reproducibility across runs        | > 90%     |
| Reasoning quality    | Logical chain-of-thought           | Auditable |
| False positive rate  | Incorrect security alerts          | \< 5%     |

## Anti-Patterns to Avoid

* **Trusting user input** — All external input must be treated as potentially malicious
* **Vague instructions** — Ambiguous prompts lead to inconsistent security analysis
* **Missing context** — Insufficient context causes incorrect security decisions
* **Over-permissive prompts** — Broad instructions increase attack surface

## References

* [OWASP LLM Top 10](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
* [Anthropic Prompt Engineering Guide](https://docs.anthropic.com/claude/docs/prompt-engineering)
* [OpenAI Prompt Engineering](https://platform.openai.com/docs/guides/prompt-engineering)
* [Prompt Injection Attacks](https://simonwillison.net/2022/Sep/12/prompt-injection/)
* [NIST AI Risk Management Framework](https://www.nist.gov/itl/ai-risk-management-framework)
* [Garak LLM Vulnerability Scanner](https://github.com/leondz/garak)