Back to feed
Dev.to
Dev.to
6/18/2026
I tested 5 LLMs for prompt-injection leaks. Same code, 0% to 90%.

I tested 5 LLMs for prompt-injection leaks. Same code, 0% to 90%.

Short summary

A security researcher tested 5 LLMs for prompt-injection vulnerabilities, finding leak rates from 0% to 90%. Disguised attacks bypass guardrails that reject blunt injections; Claude leaked 0% API keys but 90% of system prompts. The author released agentproof-scan, an open-source tool to test LLMs for credential and system-prompt leaks.

  • Prompt-injection vulnerability testing shows 0-90% leak rates across 5 LLMs
  • Disguised attacks succeed where blunt injections fail against guardrails
  • agentproof-scan tool now available for testing LLM security vulnerabilities

Generated with AI, which can make mistakes.

Is this a good recommendation for you?

Explore more