|5 min read|BreakMyAgent Team

Prompt Injection Red Team Report Template

What to include in an AI agent red-team report so security findings turn into fixes instead of vague screenshots.

prompt injection reportAI red team templateLLM security findingsagent security testing

Prompt Injection Red Team Report Template

A prompt injection red-team report should make the fix obvious: what was attacked, what the model saw, what it did, what data or tool was exposed, and which boundary failed.

Quick Answer

  1. Include the exact prompt or indirect payload.
  2. Capture the retrieved context and tool arguments.
  3. Rate impact by capability, not cleverness.
  4. Name the failed boundary.
  5. Provide a regression test for the fix.

Minimum Fields

Field Why it matters
Target surface Chat, RAG, browser, email, calendar, code
Payload The exact attack string or file
Model behavior What the agent actually did
Impact Data exposed, action taken, or policy bypassed
Root cause Missing labeling, weak tool gate, bad parser, broad permission
Fix test How to prove the patch works

Severity Should Follow Capability

A jailbreak that produces rude text is less severe than a boring-looking injection that sends an email, edits a CRM record, or leaks private context.

FAQ

Should screenshots be enough?

No. Screenshots help humans read the issue, but fixes need exact prompts, inputs, tool calls, and expected behavior.

How do you avoid one-off fixes?

Turn each finding into a regression test that fails before the fix and passes after it.

What should BreakMyAgent capture?

The payload, response, tool boundary, score impact, and the concrete mitigation path for the developer.

Test your system prompt

Apply what you just read. Scan your agent prompt for these vulnerabilities.

Scan My Agent
Scan Agent