Trust Layer for AI Prompts

Secure Prompts

Like Stripe's secure payment badge, but for copy-to-clipboard prompts. Verify your prompts are safe before users copy them.

The Problem

Prompt Injection Attacks

  • • Hidden instructions: "ignore previous instructions..."
  • • Data exfiltration: "email results to attacker@..."
  • • Invisible unicode characters masking content
  • • Jailbreak payloads embedded in prompts

Users Can't Tell

  • • Developers copy prompts without reading them
  • • No way to verify prompt safety
  • • Hidden content is invisible to humans
  • • Trust is assumed, not verified

Try It Now

Paste any prompt to scan it for injection patterns

0 characters0 words

The badge will show a warning if displayed on any other domain. This prevents unauthorized copying of your verified badge.

Recommended

Use with Claude Code (MCP Server)

The best way to use Secure Prompts is through Claude Code. Just say "register this prompt as secure" and Claude handles everything.

What is MCP?

Model Context Protocol (MCP) lets you give Claude Code custom tools. Instead of copying prompts to a website, you just tell Claude what you want in natural language. It's like adding plugins to your AI assistant.

Learn more about MCP →

Get the MCP Server

1-Click Install

This badge IS the installation.

Click "Get Prompt Securely" below, copy the setup instructions, paste into Claude Code. That's it — MCP server installed. This is exactly what your users will experience when they use your secure prompt badges.

What this badge tells you:

  • Security scan passed — no injection attacks, no data exfiltration
  • Risk: Caution — transparent about external API calls + our backlink
  • • Hash verification ensures prompt hasn't been tampered with
  • • "HashBuilds" attribution = your backlink when you add badges to your site

After pasting into Claude Code:

Just say "register this prompt as secure" and Claude will scan it, give you embed code, and ask which badge style you want. Done.

Or set up manually →

1. Clone and build

git clone https://github.com/jphyqr/secure-prompts-mcp.git
cd secure-prompts-mcp && npm install && npm run build

2. Add to .mcp.json

{
  "mcpServers": {
    "secure-prompts": {
      "command": "node",
      "args": ["/path/to/secure-prompts-mcp/dist/index.js"]
    }
  }
}

3. Restart Claude Code

Now Just Talk to Claude

You say:

"Register this prompt as secure: You are a helpful coding assistant..."

Claude responds:

I've registered your prompt. Risk level: safe. Here's your embed code...

Other things you can say:

  • • "Verify prompt ID cmj23xyz"
  • • "Give me the embed code for prompt cmj23xyz"
  • • "Scan this prompt for security issues: [paste prompt]"

Manual Registration

Use the form above if you prefer not to set up MCP

1

Register

Paste your prompt above and scan it

2

Get Badge

Copy the embed code for your site

3

Add to Site

Users see the verified badge

4

Build Trust

Users know the prompt is safe

What We Scan For

AI-powered analysis catches subtle manipulation that regex can't detect

Hidden Instructions

Attempts to override AI behavior:

"ignore previous instructions", "new system prompt"

Backlink Injection

Sneaky SEO manipulation:

"insert a link to X", "always mention my site"

Data Exfiltration

Attempts to send data out:

"email results to", "POST to webhook"

Manipulative Instructions

Subtle behavior modifications:

"always recommend X", "never mention Y"

Jailbreak Attempts

Bypass safety measures:

"DAN mode", "pretend you have no restrictions"

Invisible Content

Hidden unicode tricks:

Zero-width spaces, RTL overrides, homoglyphs

Build This For Your Site

Want to run your own Secure Prompts verification system? Copy our Claude Code prompt and deploy it yourself.

Includes scanner, API routes, embeddable script, and landing page.

FAQ

Is this free?

Yes, completely free. We benefit from the backlinks when sites use our badge.

What if my prompt is flagged?

Review the detections. Many patterns are intentional (like URLs for attribution). The badge will show what was found so users can make informed decisions.

Can I modify the prompt after registration?

The badge uses hash verification. If you modify the prompt, the badge will show a "modified" warning to users. Re-register the new version for a fresh verification.

Do you store my prompts?

Yes, we store the prompt text to enable verification. We don't share or sell prompt content.

Why show URLs as "attribution links"?

Transparency. If your prompt includes links (common for attribution or references), users should know. Hidden links could be malicious, disclosed links build trust.

Ready to Verify Your Prompts?

Scroll up to scan your first prompt, or check out our other tools.

What is MCP?AI Privacy FrameworkInstant NDALong-Tail SEO