Explore

Find agent skills by outcome

138,615 skills indexed with the new KISS metadata standard.

Showing 24 of 138,615Categories: Data & Insights, Coding & Debugging, Data, General, Creative, Cursor-rules

PromptBeginner5 minmarkdownQuality: 28

- Starting a stream before calling protect() — if the request is denied mid-stream

the client gets a broken response. Always call protect() first and return an error before opening the stream.

PromptBeginner5 minmarkdownQuality: 28

- Sensitive info detection runs locally in WASM — no user data is sent to external services. It is o...

not in Next.js pages or server actions.

PromptBeginner5 minmarkdownQuality: 28

Streaming responses: Call protect() before starting the stream. If denied

return the error before opening the stream — don't start streaming and then abort.

PromptBeginner5 minmarkdownQuality: 28

Multiple models / providers: Use the same Arcjet instance regardless of which AI provider you use. A...

independent of the model provider.

PromptBeginner5 minmarkdownQuality: 28

If the user wants a full security review

suggest the /arcjet:security-analyst agent which can investigate traffic

PromptBeginner5 minmarkdownQuality: 24

- list-requests — confirm decisions are being recorded

filter by conclusion to see blocks

PromptBeginner5 minmarkdownQuality: 24

Start all rules in DRY_RUN mode first. Once verified

promote to LIVE.

PromptBeginner5 minmarkdownQuality: 24

Adapt the response format to your framework (e.g.

res.status(429).json(...) for Express).

PromptBeginner5 minmarkdownQuality: 24

console.warn(Arcjet error:

decision.reason.message);

PromptBeginner5 minmarkdownQuality: 24

return Response.json({ error: Forbidden }

{ status: 403 });

PromptBeginner5 minmarkdownQuality: 24

detectPromptInjectionMessage: userMessage

// injection detection

PromptBeginner5 minmarkdownQuality: 24

requested: 1

// tokens to deduct for rate limiting

PromptBeginner5 minmarkdownQuality: 24

const decision = await aj.protect(req

{

PromptBeginner5 minmarkdownQuality: 24

sensitiveInfoValue: userMessage

// PII scanning

Coding & Debugging

PromptBeginner5 minmarkdownQuality: 28

Always include shield() (WAF) and detectBot() as base layers. Bots scraping AI endpoints are a commo...

consider adding Arcjet advanced signals for client-side bot detection that catches sophisticated headless browsers. See https://docs.arcjet.com/bot-protection/advanced-signals for setup.

PromptBeginner5 minmarkdownQuality: 32

Pass the requested parameter at protect() time to deduct tokens proportional to model cost. For exam...

deduct 1 token per message

PromptBeginner5 minmarkdownQuality: 24

Set characteristics to track per-user: [userId] if authenticated

defaults to IP-based.

PromptBeginner5 minmarkdownQuality: 28

Use tokenBucket() / token_bucket() for AI endpoints — the requested parameter can be set proportiona...

directly linking rate limiting to cost. It also allows short bursts while enforcing an average rate

Coding & Debugging

PromptBeginner5 minmarkdownQuality: 28

- Python: `detectsensitiveinfo(deny=[SensitiveInfoType.EMAIL

SensitiveInfoType.CREDITCARDNUMBER

PromptBeginner5 minmarkdownQuality: 28

Arcjet rules run before the request reaches your AI model — blocking prompt injection

PII leakage

PromptBeginner5 minmarkdownQuality: 24

Detects jailbreaks

role-play escapes

PromptBeginner5 minmarkdownQuality: 28

Check for an existing shared Arcjet client (see /arcjet:protect-route for full setup). If none exist...

set one up first with shield() as the base rule. The user will need to register for an Arcjet account at https://app.arcjet.com then use the ARCJET_KEY in their environment variables.

PromptBeginner5 minmarkdownQuality: 28

Read https://docs.arcjet.com/llms.txt for comprehensive SDK documentation covering all frameworks

rule types

PromptBeginner5 minmarkdownQuality: 24

Secure AI/LLM endpoints with layered protection: prompt injection detection

PII blocking