Explore

Find agent skills by outcome

127,184 skills indexed with the new KISS metadata standard.

Showing 24 of 127,184Categories: General, Coding & Debugging, Cursor-rules, Creative, Research & Learning, Data

PromptBeginner5 minmarkdown

Streaming responses: Call `protect()` before starting the stream. If denied

return the error before opening the stream — don't start streaming and then abort.

PromptBeginner5 minmarkdown

Start all rules in `DRY_RUN` mode first. Once verified

promote to `LIVE`.

PromptBeginner5 minmarkdown

Adapt the response format to your framework (e.g.

`res.status(429).json(...)` for Express).

PromptBeginner5 minmarkdown

- `list-requests` — confirm decisions are being recorded

filter by conclusion to see blocks

PromptBeginner5 minmarkdown

detectPromptInjectionMessage: userMessage

// injection detection

PromptBeginner5 minmarkdown

return Response.json({ error: Forbidden }

{ status: 403 });

PromptBeginner5 minmarkdown

console.warn(Arcjet error:

decision.reason.message);

PromptBeginner5 minmarkdown

sensitiveInfoValue: userMessage

// PII scanning

PromptBeginner5 minmarkdown

requested: 1

// tokens to deduct for rate limiting

PromptBeginner5 minmarkdown

const decision = await aj.protect(req

{

Coding & Debugging

PromptBeginner5 minmarkdown

Always include `shield()` (WAF) and `detectBot()` as base layers. Bots scraping AI endpoints are a common abuse vector. For endpoints accessed via browsers (e.g. chat interfaces)

consider adding Arcjet advanced signals for client-side bot detection that catches sophisticated headless browsers. See https://docs.arcjet.com/bot-protection/advanced-signals for setup.

PromptBeginner5 minmarkdown

Pass the `requested` parameter at `protect()` time to deduct tokens proportional to model cost. For example

deduct 1 token per message

PromptBeginner5 minmarkdown

Set `characteristics` to track per-user: `[userId]` if authenticated

defaults to IP-based.

PromptBeginner5 minmarkdown

Use `tokenBucket()` / `token_bucket()` for AI endpoints — the `requested` parameter can be set proportional to actual model token usage

directly linking rate limiting to cost. It also allows short bursts while enforcing an average rate

Coding & Debugging

PromptBeginner5 minmarkdown

- Python: `detect_sensitive_info(deny=[SensitiveInfoType.EMAIL

SensitiveInfoType.CREDIT_CARD_NUMBER

PromptBeginner5 minmarkdown

Arcjet rules run before the request reaches your AI model — blocking prompt injection

PII leakage

PromptBeginner5 minmarkdown

Check for an existing shared Arcjet client (see `/arcjet:protect-route` for full setup). If none exists

set one up first with `shield()` as the base rule. The user will need to register for an Arcjet account at https://app.arcjet.com then use the `ARCJET_KEY` in their environment variables.

PromptBeginner5 minmarkdown

Detects jailbreaks

role-play escapes

PromptBeginner5 minmarkdown

Read https://docs.arcjet.com/llms.txt for comprehensive SDK documentation covering all frameworks

rule types

PromptBeginner5 minmarkdown

Secure AI/LLM endpoints with layered protection: prompt injection detection

PII blocking

PromptBeginner5 minmarkdown

description: Protect AI chat and completion endpoints from abuse — detect prompt injection and jailbreak attempts

block PII and sensitive info from leaking in responses

PromptBeginner5 minmarkdown

Best practices — legend-first

one device type at a time

PromptBeginner5 minmarkdown

Add AI protection

---

PromptBeginner5 minmarkdown

Visual symbol table — per ELV system (CCTV

FAS