# AI Prompt Injection

- ID: go-prompt-injection
- Severity: HIGH
- CWE: Injection (CWE-74)
- Languages: Go

## Description

Detects user input flowing to LLM prompts without sanitization.

## Detection Message

User input flows to {sink} without sanitization

## Remediation

Sanitize user input and use structured prompts with clear system/user boundaries.

```go
sanitized := sanitize(userInput)
messages := []openai.ChatCompletionMessage{
    {Role: "system", Content: systemPrompt},
    {Role: "user", Content: sanitized},
}
```

Learn more: https://shoulder.dev/learn/go/cwe-74/prompt-injection

## Documentation

[object Object]

## Related Rules

- **Prompt Injection via Untrusted Input** [HIGH]: 
- **AI Prompt Injection** [HIGH]: