# Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

**Stack:** Go

- Prevalence: 高 頻繁に悪用される
- Impact: ハイ 3 件の重大度ハイのルール
- Prevention: 文書化済み 3 件の修正例

**OWASP:** Injection (A03:2021-Injection) - #3

## Description

Software has certain assumptions about what constitutes data and control. Injection problems occur when these assumptions are violated. Attackers exploit this by inserting special characters or instructions that modify the intended interpretation.

## Prevention

1 件の Shoulder 検出ルールに基づく Injection の予防策。

### Go

Use structured prompts with clear system/user boundaries and sanitize user input

## Warning Signs

- [HIGH] User input flows to ... without sanitization
- [HIGH] user input flowing to LLM prompts without sanitization

## Consequences

- 未承認コードの実行
- アプリケーションデータの読み取り
- アプリケーションデータの変更
- 保護メカニズムの回避

## Mitigations

- コードとデータを分離する、パラメータ化されたインターフェースを使用する
- ダウンストリームコンポーネントで使用する前に、すべての入力を検証してエンコードする
- 可能な限り、入力検証に許可リストを使用する

## Detection

- Total rules: 3
- Languages: go, javascript, typescript, python

## Rules by Language

### Go (1 rules)

- **AI Prompt Injection** [HIGH]: Detects user input flowing to LLM prompts without sanitization.
  - Remediation: Sanitize user input and use structured prompts with clear system/user boundaries.

```go
sanitized := sanitize(userInput)
messages := []openai.ChatCompletionMessage{
    {Role: "system", Content: systemPrompt},
    {Role: "user", Content: sanitized},
}
```

Learn more: https://shoulder.dev/learn/go/cwe-74/prompt-injection