Blog SECURITY
openleash/how-prompt-injection-reaches-your-coding-agent

How prompt injection actually reaches your coding agent

READMEs, issue comments, and skill files — the three doors injections walk through, with real samples we caught.

Prompt injection is a workflow bug. The strongest control sits at the action boundary, not only in the system prompt.

1Issue / docs / tool output
2Agent context
3OpenLeash check
4Safe action
Treat untrusted context as input, then enforce at the action boundary.
prompt injectionskillssecurity

The short version

Prompt injection matters because agents are no longer just suggesting changes. They read files, call tools, run commands, and move context between systems.

OpenLeash keeps that power visible. Every plugin can inspect an event, make a decision, and leave an audit trail that humans can understand later.

What OpenLeash watches

Prompts, tool calls, sessions, skills, logs, and startup inventory all flow through the same event model. Plugins can block, mask, rewrite, compress, export, or simply observe.

That keeps the workflow fast when the agent is safe and explicit when the blast radius changes.