Context
From Vincent's review on PR #12 — the current prompt_injection_base64_in_comment rule only catches base64. Other encoding schemes could also be used to smuggle payloads in comments.
What to catch
- Long hex strings in comments (e.g.,
\x48\x65\x6c\x6c\x6f)
- URL-encoded blobs (
%48%65%6C%6C%6F)
- Other obfuscation patterns (rot13, unicode escapes, etc.)
Considerations
- High false-positive risk. Legitimate code comments often contain:
- SHA hashes (40+ hex chars)
- JWTs in test fixtures
- UUIDs
- Color codes, memory addresses
- Needs careful threshold tuning per encoding type.
- Better as companion rules (one per encoding type) rather than broadening the existing base64 rule.
Origin
PR #12 review comment by @gewenyu99
Context
From Vincent's review on PR #12 — the current
prompt_injection_base64_in_commentrule only catches base64. Other encoding schemes could also be used to smuggle payloads in comments.What to catch
\x48\x65\x6c\x6c\x6f)%48%65%6C%6C%6F)Considerations
Origin
PR #12 review comment by @gewenyu99