This detector checks for code within input. If your application is not meant to run code or process code, this is a common way for attackers to get your system to perform actions it should not.

Example

An example is an attacker asking the LLM to run code and pass in the system prompt as the input. This is an easy way for attackers to be able to exfiltrate your system prompt, if that is something you care about.

Threat

If you abstract this out, getting the LLM to run arbitrary code is a bad idea. If any other information is in that context window, or if for some reason you are executing the code on your machine, this gets bad really quick.

On the flip side, if you are a coding agent and are processing code inputs every day, we recommend you do not turn on this detector.