Back to section
GitHub 🔥 Top

GitHub CodeQL 2.26.0 Adds Native AI Prompt Injection Detection

Utorok 14. júla 2026 Source: GitHub

What's new

  • js/system-prompt-injection query: detects untrusted user-provided values flowing into AI model system prompts, enabling attackers to manipulate model behavior
  • SDK coverage: OpenAI (Sora prompts, Realtime session instructions), Anthropic (completions), Google GenAI (cached content)
  • Kotlin 2.4.0 support: full analysis for the latest Kotlin version
  • C# Razor Pages: handler method parameter tracking (previously a blind spot)
  • IPv6 SSRF detection: experimental detection of server-side request forgery via IPv6 in JS/TS
  • Reduced false positives: improved Go file-closing and Python locals() dictionary analysis

Why it matters

This is the first time CodeQL — the most widely used SAST tool for open-source projects — natively detects AI-specific attack surfaces. Projects using Anthropic, OpenAI, or Google AI SDKs can automatically scan for prompt injection as part of their CI/CD pipeline via GitHub Advanced Security.

How to try it

Update CodeQL to version 2.26.0 in GitHub Actions; the js/system-prompt-injection query is part of the standard security suite for JavaScript/TypeScript.