Prompt Injection Scanner
powered by scurl
Any text an LLM reads is a potential attack surface. Prompt injection hides instructions inside web pages, documents, and user input—hijacking model behavior without the user or developer noticing. This tool scans content before it reaches your model.
Scanning for prompt injection...
Error
Result
The API is free to use. POST a URL to /api/fetch or raw text to /api/convert and get back cleaned markdown plus an injection analysis with score, signals, and action taken.
API Usage
# Scan a URL
curl -X POST https://clean.sibylline.dev/api/fetch \
-H "Content-Type: application/json" \
-d '{"url": "https://example.com", "render": true}'
# Scan raw text
curl -X POST https://clean.sibylline.dev/api/convert \
-H "Content-Type: application/json" \
-d '{"text": "Your content here"}'import requests
# Scan a URL
resp = requests.post("https://clean.sibylline.dev/api/fetch", json={
"url": "https://example.com",
"render": True
})
data = resp.json()
print(f"Score: {data['injection']['score']}")
print(f"Flagged: {data['injection']['flagged']}")
# Scan raw text
resp = requests.post("https://clean.sibylline.dev/api/convert", json={
"text": "Your content here"
})
data = resp.json()
print(data["markdown"])// Scan a URL
const resp = await fetch("https://clean.sibylline.dev/api/fetch", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ url: "https://example.com", render: true })
});
const data = await resp.json();
console.log(`Score: ${data.injection.score}`);
console.log(`Flagged: ${data.injection.flagged}`);
// Scan raw text
const resp2 = await fetch("https://clean.sibylline.dev/api/convert", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ text: "Your content here" })
});
const data2 = await resp2.json();
console.log(data2.markdown);