Coming Soon

AIP Exfiltration Guard

Prevents leaking AI Prompts and internal logic

Contributed by Jack Barrier

Detection Logic (Rego)

rule.rego (Open Policy Agent; the intercepted agent action is evaluated as the `input` document)
package openleash
deny if { input.taint_flag; input.operation == "net.connect"; contains(input.path, "prompts") }
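
The following OPA test module is an added example, not part of the OpenLeash rule page: it restates the guard in valid Rego and exercises it against constructed agent events, including the cases the one-liner does not block (local reads, untainted agents) and the fact that contains() is a case-sensitive substring match. The package name, the field names on `input` and the sample paths are assumptions; run it with `opa test .`.

```rego
package openleash

import rego.v1

# The guard as described on this page; assumes OpenLeash passes each
# intercepted action to OPA as the `input` document.
deny if {
    input.taint_flag
    input.operation == "net.connect"
    contains(input.path, "prompts")
}

# Constructed event: a tainted agent opens a socket while handling a prompts path -> blocked.
test_blocks_tainted_prompt_egress if {
    deny with input as {"taint_flag": true, "operation": "net.connect", "path": "/srv/agent/prompts/system.md"}
}

# Same path, but only a local read: no network egress, so this rule does not fire.
test_allows_local_read if {
    not deny with input as {"taint_flag": true, "operation": "fs.read", "path": "/srv/agent/prompts/system.md"}
}

# Untainted agent (no injected content in its context) may connect out.
test_allows_untainted_connect if {
    not deny with input as {"taint_flag": false, "operation": "net.connect", "path": "/srv/agent/prompts/system.md"}
}

# contains() is a case-sensitive substring match: "Prompts" is not matched,
# while any path merely containing "prompts" (e.g. a cache file) is.
test_match_is_case_sensitive_substring if {
    not deny with input as {"taint_flag": true, "operation": "net.connect", "path": "/srv/agent/Prompts/system.md"}
    deny with input as {"taint_flag": true, "operation": "net.connect", "path": "/tmp/prompts_cache.bin"}
}
```

The last test is the caveat to keep in mind when tuning the path predicate: a bare substring match is easy to over- or under-match, so normalise paths before evaluation if the agent runtime allows it.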

Threat Context

When AI agents operate autonomously, they often require broad permissions to execute tasks. However, if an agent is compromised via prompt injection or hallucinates a destructive command, it can cause significant damage to the host system.

The AIP Exfiltration Guard rule acts as a deterministic safeguard. It continuously monitors the agent's runtime behavior and immediately intercepts any action that violates this rule, ensuring your infrastructure remains secure regardless of the agent's internal state.

Remediation & Logs

When this rule is triggered, OpenLeash will block the execution and generate an audit log. You can view these events in your OpenLeash dashboard or forward them to your SIEM.

[BLOCKED] Rule Violation: AIP Exfiltration Guard
Timestamp: 2026-03-20T12:08:25.509Z
Action: Execution Intercepted
Reason: Prevents leaking AI Prompts and internal logic