General
PromptBeginner5 minmarkdown
**Multiple models / providers**: Use the same Arcjet instance regardless of which AI provider you use. Arcjet operates at the HTTP layer
independent of the model provider.
0
Explore
Find agent skills by outcome
129,809 skills indexed with the new KISS metadata standard.
Showing 24 of 129,809Categories: Cursor-rules, Data, Coding & Debugging, Writing & Content, General, Creative
Data
PromptBeginner5 minmarkdown
If the user wants a full security review
suggest the `/arcjet:security-analyst` agent which can investigate traffic
0
Creative
PromptBeginner5 minmarkdown
**Streaming responses**: Call `protect()` before starting the stream. If denied
return the error before opening the stream — don't start streaming and then abort.
0
Creative
PromptBeginner5 minmarkdown
Start all rules in `DRY_RUN` mode first. Once verified
promote to `LIVE`.
0
General
PromptBeginner5 minmarkdown
Adapt the response format to your framework (e.g.
`res.status(429).json(...)` for Express).
0
General
PromptBeginner5 minmarkdown
- `list-requests` — confirm decisions are being recorded
filter by conclusion to see blocks
0
General
PromptBeginner5 minmarkdown
detectPromptInjectionMessage: userMessage
// injection detection
0
General
PromptBeginner5 minmarkdown
return Response.json({ error: Forbidden }
{ status: 403 });
0
General
PromptBeginner5 minmarkdown
console.warn(Arcjet error:
decision.reason.message);
0
General
PromptBeginner5 minmarkdown
sensitiveInfoValue: userMessage
// PII scanning
0
General
PromptBeginner5 minmarkdown
requested: 1
// tokens to deduct for rate limiting
0
General
PromptBeginner5 minmarkdown
const decision = await aj.protect(req
{
0
Coding & Debugging
PromptBeginner5 minmarkdown
Always include `shield()` (WAF) and `detectBot()` as base layers. Bots scraping AI endpoints are a common abuse vector. For endpoints accessed via browsers (e.g. chat interfaces)
consider adding Arcjet advanced signals for client-side bot detection that catches sophisticated headless browsers. See https://docs.arcjet.com/bot-protection/advanced-signals for setup.
0
General
PromptBeginner5 minmarkdown
Pass the `requested` parameter at `protect()` time to deduct tokens proportional to model cost. For example
deduct 1 token per message
0
General
PromptBeginner5 minmarkdown
Set `characteristics` to track per-user: `[userId]` if authenticated
defaults to IP-based.
0
General
PromptBeginner5 minmarkdown
Use `tokenBucket()` / `token_bucket()` for AI endpoints — the `requested` parameter can be set proportional to actual model token usage
directly linking rate limiting to cost. It also allows short bursts while enforcing an average rate
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Python: `detect_sensitive_info(deny=[SensitiveInfoType.EMAIL
SensitiveInfoType.CREDIT_CARD_NUMBER
0
General
PromptBeginner5 minmarkdown
Arcjet rules run **before** the request reaches your AI model — blocking prompt injection
PII leakage
0
General
PromptBeginner5 minmarkdown
Check for an existing shared Arcjet client (see `/arcjet:protect-route` for full setup). If none exists
set one up first with `shield()` as the base rule. The user will need to register for an Arcjet account at https://app.arcjet.com then use the `ARCJET_KEY` in their environment variables.
0
General
PromptBeginner5 minmarkdown
Detects jailbreaks
role-play escapes
0
General
PromptBeginner5 minmarkdown
Read https://docs.arcjet.com/llms.txt for comprehensive SDK documentation covering all frameworks
rule types
0
General
PromptBeginner5 minmarkdown
Secure AI/LLM endpoints with layered protection: prompt injection detection
PII blocking
0
General
PromptBeginner5 minmarkdown
description: Protect AI chat and completion endpoints from abuse — detect prompt injection and jailbreak attempts
block PII and sensitive info from leaking in responses
0
General
PromptBeginner5 minmarkdown
Best practices — legend-first
one device type at a time
0