Skip to content

feat: Add prompt-attack-detection-agent#206

Open
Ujjwal5705 wants to merge 8 commits into
Lamatic:mainfrom
Ujjwal5705:feat/prompt-attack-detection-agent
Open

feat: Add prompt-attack-detection-agent#206
Ujjwal5705 wants to merge 8 commits into
Lamatic:mainfrom
Ujjwal5705:feat/prompt-attack-detection-agent

Conversation

@Ujjwal5705

@Ujjwal5705 Ujjwal5705 commented Jul 10, 2026

Copy link
Copy Markdown

Contribution Type

  • Kit
  • Template
  • Bundle

Summary

This PR adds a new AgentKit named Prompt Attack Detection Agent.

The kit analyzes user prompts for:

  • Prompt Injection
  • Jailbreak Attempts
  • System Prompt Extraction
  • Role Override
  • Other malicious prompt attacks

The project includes:

  • Exported Lamatic Flow
  • Next.js frontend
  • Lamatic SDK integration
  • Environment configuration
  • Documentation

Validation Checklist

  • Flow exported from Lamatic Studio
  • apps/package.json included
  • .env.example included
  • README.md completed
  • agent.md completed
  • lamatic.config.ts completed
  • Flow tested locally
  • npm run dev works

Folder Structure

kits/prompt-attack-detection-agent/
├── apps/
├── flows/
├── prompts/
├── model-configs/
├── constitutions/
├── README.md
├── agent.md
└── lamatic.config.ts

@coderabbitai

coderabbitai Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

Walkthrough

Changes

A new Prompt Attack Detection Agent kit defines prompt-threat analysis behavior, connects it to a configured Lamatic LLM flow, and provides a Next.js interface for submitting prompts and displaying structured results.

Prompt Attack Detection Agent

Layer / File(s) Summary
Analysis behavior and output contract
kits/prompt-attack-detection-agent/constitutions/default.md, kits/prompt-attack-detection-agent/prompts/*, kits/prompt-attack-detection-agent/agent.md, kits/prompt-attack-detection-agent/README.md
Defines attack categories, scoring, recommendations, sanitization, guardrails, JSON fields, integration examples, and kit documentation.
Flow execution and kit wiring
kits/prompt-attack-detection-agent/flows/*, kits/prompt-attack-detection-agent/model-configs/*, kits/prompt-attack-detection-agent/lamatic.config.ts
Connects the prompt trigger, dynamic LLM node, response mapping, model configuration, flow references, metadata, and mandatory kit step.
Application analysis and result presentation
kits/prompt-attack-detection-agent/apps/types/*, kits/prompt-attack-detection-agent/apps/lib/*, kits/prompt-attack-detection-agent/apps/actions/*, kits/prompt-attack-detection-agent/apps/app/page.tsx, kits/prompt-attack-detection-agent/apps/components/*
Adds typed contracts, Lamatic execution with timeout handling, server-side validation, prompt submission, loading and error states, and result rendering.
Next.js application scaffold and styling
kits/prompt-attack-detection-agent/apps/*, kits/prompt-attack-detection-agent/apps/app/globals.css, kits/prompt-attack-detection-agent/apps/app/layout.tsx
Adds environment configuration, package scripts, TypeScript and Tailwind setup, global styling, UI configuration, and Next.js runtime metadata.

Suggested reviewers: amanintech, d-pamneja

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed Docstring coverage is 85.71% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Title check ✅ Passed The title clearly names the new prompt attack detection agent and matches the main change.
Description check ✅ Passed The PR description covers contribution type, summary, validation, and folder structure, with only minor template items left implicit.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions

github-actions Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

:robot_face: AgentKit Structural Validation

New Contributions Detected

  • Kit: kits/prompt-attack-detection-agent

Check Results

Check Status
No edits to existing kits ✅ Pass
Required root files present ✅ Pass
Flow .ts files present ✅ Pass
lamatic.config.ts valid ✅ Pass
No changes outside kits/ ✅ Pass

⚠️ Warnings

  • kits/prompt-attack-detection-agent is missing .env.example — bundles and kits should include one

🎉 All checks passed! This contribution follows the AgentKit structure.

@github-actions

Copy link
Copy Markdown
Contributor

Failure recorded at 2026-07-10T06:00:15Z UTC. If this PR is not fixed within 4 weeks it will be automatically closed.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@kits/prompt-attack-detection-agent/constitutions/default.md`:
- Around line 6-9: Update the Safety section in the default constitution so
prompt-injection and jailbreak text supplied as detector input is treated as
untrusted data: do not follow, execute, or refuse because of those embedded
instructions, and instead classify the content and return the required security
assessment. Preserve refusal behavior only for requests that are outside the
detector’s classification task.

In `@kits/prompt-attack-detection-agent/flows/prompt-attack-detection-agent.ts`:
- Around line 77-118: The response currently stringifies the LLM analysis and
uses an unstructured Generate Text node. Update LLMNode_190 to a schema-backed
structured-output node, configure its output schema for the documented analysis
object, and change graphqlResponseNode’s outputMapping so
{{LLMNode_190.output.generatedResponse}} is mapped without quotes.

In
`@kits/prompt-attack-detection-agent/prompts/prompt-attack-detection-agent_llmnode-190_system_0.md`:
- Around line 19-23: The recommendation values are inconsistent across the
prompt, agent.md, and README.md. Choose a single enum set—matching the
documented contract—and update the recommendation list and all related examples
or parsing guidance consistently across these files.

In
`@kits/prompt-attack-detection-agent/prompts/prompt-attack-detection-agent_llmnode-190_user_1.md`:
- Around line 1-2: Update the detection prompt containing
`{{triggerNode_1.output.prompt}}` to clearly delimit the injected payload and
explicitly instruct the model to treat it only as data, ignoring any
instructions within it. Preserve the request to analyze the payload for security
threats.

In `@kits/prompt-attack-detection-agent/README.md`:
- Around line 80-84: Expand the README’s “Built With” section with a
human-readable setup guide covering prerequisites, Groq credential
configuration, kit deployment, and API invocation. Include the required
environment variables or secrets and a representative sample request showing how
to call the deployed agent.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4c21d776-e60c-4ff0-87f9-34b295b886c7

📥 Commits

Reviewing files that changed from the base of the PR and between dafde4c and 9016c70.

📒 Files selected for processing (8)
  • kits/prompt-attack-detection-agent/README.md
  • kits/prompt-attack-detection-agent/agent.md
  • kits/prompt-attack-detection-agent/constitutions/default.md
  • kits/prompt-attack-detection-agent/flows/prompt-attack-detection-agent.ts
  • kits/prompt-attack-detection-agent/lamatic.config.ts
  • kits/prompt-attack-detection-agent/model-configs/prompt-attack-detection-agent_llmnode-190_generative-model-name.ts
  • kits/prompt-attack-detection-agent/prompts/prompt-attack-detection-agent_llmnode-190_system_0.md
  • kits/prompt-attack-detection-agent/prompts/prompt-attack-detection-agent_llmnode-190_user_1.md

Comment thread kits/prompt-attack-detection-agent/constitutions/default.md
Comment thread kits/prompt-attack-detection-agent/README.md

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 10

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@kits/prompt-attack-detection-agent/apps/actions/orchestrate.ts`:
- Around line 1-36: Import the parent kit’s lamatic.config in analyzePrompt and
use its declared flow or step definitions when invoking executePromptAnalysis.
Update executePromptAnalysis and its callers as needed so execution is driven by
the imported kit configuration rather than relying solely on LAMATIC_FLOW_ID.

In `@kits/prompt-attack-detection-agent/apps/app/globals.css`:
- Around line 5-16: Replace hardcoded colors in the global html/body styles with
semantic CSS custom properties declared in :root, then map those variables to
semantic Tailwind color tokens in tailwind.config.ts. Update affected
components, including AnalysisResult, RiskBadge, LoadingSpinner, and
ErrorMessage, to use tokens such as background, foreground, border, and
destructive instead of raw palette classes.

In `@kits/prompt-attack-detection-agent/apps/components.json`:
- Around line 1-9: Update the shadcn/ui configuration object to include "rsc":
true and an "aliases" block defining the components, utils, and ui import paths,
using the project’s established directory aliases so npx shadcn add resolves and
places files correctly.

In `@kits/prompt-attack-detection-agent/apps/components/AnalysisResult.tsx`:
- Around line 51-60: Update the attack_types mapping in AnalysisResult to use a
composite React key combining each type with its map index, preventing
collisions when duplicate attack type strings are returned.

In `@kits/prompt-attack-detection-agent/apps/components/PromptAnalysisForm.tsx`:
- Around line 15-33: Wrap the textarea and button in a form element within
PromptAnalysisForm, handle submission through the form’s onSubmit callback,
prevent the default submit behavior, and invoke onSubmit with the current
prompt. Set the button type to submit and preserve the existing styling and
controls.

In `@kits/prompt-attack-detection-agent/apps/components/RiskBadge.tsx`:
- Around line 9-14: Update the severity-to-color logic in RiskBadge so
"critical" receives a red or otherwise highest-risk style, "high" and "medium"
retain their appropriate styles, and "low" is the only severity using green.
Normalize severity once and handle these values explicitly, with a safe fallback
that does not imply safety.

In `@kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts`:
- Around line 31-40: Update the Lamatic call in the function containing
executeFlow to enforce a bounded timeout with cancellation or an SDK-supported
timeout option, and ensure timeout failures are handled consistently. Replace
the raw error-object logging in the catch block with a sanitized, generic
message that excludes URLs, project identifiers, credentials, and SDK response
details while preserving the original error for propagation.
- Line 36: The executePromptAnalysis function should validate res.result at
runtime before casting it to PromptAnalysisOutput, ensuring the nested
data.analysis.risk_score shape is present and valid. Add a lightweight schema or
equivalent guard, handle invalid payloads explicitly, and only return the cast
value after validation.

In `@kits/prompt-attack-detection-agent/apps/package.json`:
- Around line 11-18: The standard form stack is missing from the dependencies
while PromptAnalysisForm.tsx uses local state. Add react-hook-form, zod, and the
appropriate resolver dependency, then refactor PromptAnalysisForm to use useForm
with a zod schema and zodResolver for validation and submission.
- Line 25: Upgrade the tailwindcss dependency in package.json to v4 or later,
replace the v3 Tailwind PostCSS plugin in postcss.config.mjs with
`@tailwindcss/postcss` and add that dependency, and migrate styling configuration
from tailwind.config.ts into CSS using Tailwind v4 directives/theme variables;
remove the obsolete JavaScript configuration file and update any affected
imports or build scripts.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: 714de3ef-3710-4b2b-aa5c-324ed436dff4

📥 Commits

Reviewing files that changed from the base of the PR and between 9016c70 and a35e820.

⛔ Files ignored due to path filters (1)
  • kits/prompt-attack-detection-agent/apps/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (21)
  • kits/prompt-attack-detection-agent/apps/.env.example
  • kits/prompt-attack-detection-agent/apps/.gitignore
  • kits/prompt-attack-detection-agent/apps/actions/orchestrate.ts
  • kits/prompt-attack-detection-agent/apps/app/globals.css
  • kits/prompt-attack-detection-agent/apps/app/layout.tsx
  • kits/prompt-attack-detection-agent/apps/app/page.tsx
  • kits/prompt-attack-detection-agent/apps/components.json
  • kits/prompt-attack-detection-agent/apps/components/AnalysisResult.tsx
  • kits/prompt-attack-detection-agent/apps/components/ErrorMessage.tsx
  • kits/prompt-attack-detection-agent/apps/components/LoadingSpinner.tsx
  • kits/prompt-attack-detection-agent/apps/components/PromptAnalysisForm.tsx
  • kits/prompt-attack-detection-agent/apps/components/RiskBadge.tsx
  • kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts
  • kits/prompt-attack-detection-agent/apps/next-env.d.ts
  • kits/prompt-attack-detection-agent/apps/next.config.mjs
  • kits/prompt-attack-detection-agent/apps/package.json
  • kits/prompt-attack-detection-agent/apps/postcss.config.mjs
  • kits/prompt-attack-detection-agent/apps/tailwind.config.ts
  • kits/prompt-attack-detection-agent/apps/tsconfig.json
  • kits/prompt-attack-detection-agent/apps/types/index.ts
  • kits/prompt-attack-detection-agent/lamatic.config.ts

Comment thread kits/prompt-attack-detection-agent/apps/actions/orchestrate.ts
Comment thread kits/prompt-attack-detection-agent/apps/app/globals.css Outdated
Comment thread kits/prompt-attack-detection-agent/apps/components.json
Comment thread kits/prompt-attack-detection-agent/apps/components/RiskBadge.tsx Outdated
Comment thread kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts
Comment thread kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts
Comment thread kits/prompt-attack-detection-agent/apps/package.json
Comment thread kits/prompt-attack-detection-agent/apps/package.json Outdated
@Ujjwal5705 Ujjwal5705 changed the title feat: Add prompt-attack-detection-agent template feat: Add prompt-attack-detection-agent Jul 10, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@kits/prompt-attack-detection-agent/apps/app/globals.css`:
- Around line 5-24: Remove the backticks from all theme token values in :root,
including --background, --foreground, and the remaining CSS variables, so each
stores a plain hex color. Preserve the existing var(--background) usage and do
not add another background declaration.

In `@kits/prompt-attack-detection-agent/apps/components.json`:
- Around line 5-9: The shadcn aliases in the configuration contain literal
backticks, producing invalid import paths. Update the components, utils, and ui
alias values to plain path strings without backticks, preserving their existing
path targets.

In `@kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts`:
- Around line 29-39: Update the request logic in the Lamatic client function
using an AbortController or the SDK’s cancellation mechanism, passing its signal
to lamaticClient.executeFlow and triggering abort when the 30-second timeout
fires. Ensure the timeout is cleared in a finally block so both success and
failure clean up the timer and no background request continues.

In `@kits/prompt-attack-detection-agent/apps/package.json`:
- Around line 25-26: The dependency key for Tailwind’s PostCSS plugin contains
literal backticks and is invalid. In the dependencies object of package.json,
rename the key "`@tailwindcss/postcss`" to the actual package name
"`@tailwindcss/postcss`", preserving the "^4" version.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: e9d4497a-091a-452b-8711-b6223c54b410

📥 Commits

Reviewing files that changed from the base of the PR and between a35e820 and 7ee1155.

📒 Files selected for processing (7)
  • kits/prompt-attack-detection-agent/apps/actions/orchestrate.ts
  • kits/prompt-attack-detection-agent/apps/app/globals.css
  • kits/prompt-attack-detection-agent/apps/components.json
  • kits/prompt-attack-detection-agent/apps/components/PromptAnalysisForm.tsx
  • kits/prompt-attack-detection-agent/apps/components/RiskBadge.tsx
  • kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts
  • kits/prompt-attack-detection-agent/apps/package.json

Comment thread kits/prompt-attack-detection-agent/apps/app/globals.css
Comment thread kits/prompt-attack-detection-agent/apps/components.json Outdated
Comment thread kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts
Comment thread kits/prompt-attack-detection-agent/apps/package.json Outdated
@github-actions

Copy link
Copy Markdown
Contributor

Hi @Ujjwal5705! 👋

Before this PR can be reviewed by maintainers, please resolve all comments and requested changes from the CodeRabbit automated review.

Steps to follow:

  1. Read through all CodeRabbit comments carefully
  2. Address each issue raised (or reply explaining why you disagree)
  3. Push your fixes as new commits
  4. Once all issues are resolved, comment here so we can re-review

This helps keep the review process efficient for everyone. Thank you! 🙏

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
kits/prompt-attack-detection-agent/apps/components/PromptAnalysisForm.tsx (1)

9-38: 📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

Form should use react-hook-form + zod per coding guidelines.

The <form> wrapping fix is confirmed and looks good. However, the coding guideline for kit Next.js apps explicitly requires react-hook-form + zod for forms. This component uses raw useState with no schema validation. For a security-focused kit that accepts user prompts, zod validation (e.g., min/max length, required) would also strengthen the input contract server-side.

As per coding guidelines: "For kit Next.js apps: use... react-hook-form + zod for forms."

♻️ Proposed refactor using react-hook-form + zod
+"use client";
+
+import { useForm } from "react-hook-form";
+import { zodResolver } from "`@hookform/resolvers/zod`";
+import { z } from "zod";
+
+const schema = z.object({
+  prompt: z.string().min(1, "Prompt is required").max(10000, "Prompt too long"),
+});
+
+type FormValues = z.infer<typeof schema>;
+
 interface Props {
   onSubmit: (prompt: string) => void;
 }

 export default function PromptAnalysisForm({ onSubmit }: Props) {
-  const [prompt, setPrompt] = useState("");
+  const { register, handleSubmit, formState: { errors } } = useForm<FormValues>({
+    resolver: zodResolver(schema),
+  });

   return (
     <form
-      onSubmit={(e) => {
-        e.preventDefault();
-        onSubmit(prompt);
-      }}
+      onSubmit={handleSubmit((values) => onSubmit(values.prompt))}
       className="space-y-6"
     >
       <textarea
-        value={prompt}
-        onChange={(e) => setPrompt(e.target.value)}
+        {...register("prompt")}
         placeholder="Paste a prompt to analyze..."
         className="h-72 w-full rounded-xl border border-gray-300 bg-white p-4 font-mono text-gray-900 placeholder:text-gray-500 focus:border-blue-500 focus:outline-none focus:ring-2 focus:ring-blue-500"
       />
+      {errors.prompt && (
+        <p className="text-sm text-red-600">{errors.prompt.message}</p>
+      )}
       <button
         type="submit"
         className="rounded-xl bg-blue-600 px-6 py-3 text-white hover:bg-blue-700"
       >
         Analyze Prompt
       </button>
     </form>
   );
 }
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@kits/prompt-attack-detection-agent/apps/components/PromptAnalysisForm.tsx`
around lines 9 - 38, Refactor PromptAnalysisForm to use react-hook-form with a
zod schema instead of raw useState. Define required prompt validation with
appropriate minimum and maximum length constraints, wire the schema through
zodResolver, register the textarea, display validation errors, and submit
validated data through onSubmit while preserving the existing form styling and
behavior.

Source: Coding guidelines

♻️ Duplicate comments (1)
kits/prompt-attack-detection-agent/apps/components/AnalysisResult.tsx (1)

54-63: 🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

Duplicate React key risk still present.

Line 57 still uses key={type} without an index fallback. LLM-generated attack_types can contain duplicate strings, causing React key collisions and rendering warnings. This was flagged previously and remains unresolved.

♻️ Proposed fix
           {a.attack_types.map((type, index) => (
             <span
-              key={type}
+              key={`${type}-${index}`}
               className="rounded-full bg-blue-100 px-3 py-1 text-sm"
             >
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@kits/prompt-attack-detection-agent/apps/components/AnalysisResult.tsx` around
lines 54 - 63, Update the attack_types mapping in AnalysisResult to guarantee
unique React keys when duplicate type strings occur: include the map index in
the key, preferably alongside type, instead of using key={type} alone.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts`:
- Around line 25-30: Update the Prompt Attack Detection flow execution method
documented above to pass an AbortController signal to executeFlow, abort it when
the timeout wins, and clear the timeout afterward. Before casting or returning
the response, validate that res.result exists and matches the expected
PromptAnalysisOutput shape, throwing a descriptive error for missing or invalid
results.

In `@kits/prompt-attack-detection-agent/README.md`:
- Around line 1-48: The README lacks the required human-readable setup guide and
markdown formatting. Expand README.md with prerequisites, environment-variable
configuration, installation and deployment steps, and a sample request; add a
top-level H1 heading, insert a blank line after the “Folder Structure” heading,
and ensure the file ends with a newline.

---

Outside diff comments:
In `@kits/prompt-attack-detection-agent/apps/components/PromptAnalysisForm.tsx`:
- Around line 9-38: Refactor PromptAnalysisForm to use react-hook-form with a
zod schema instead of raw useState. Define required prompt validation with
appropriate minimum and maximum length constraints, wire the schema through
zodResolver, register the textarea, display validation errors, and submit
validated data through onSubmit while preserving the existing form styling and
behavior.

---

Duplicate comments:
In `@kits/prompt-attack-detection-agent/apps/components/AnalysisResult.tsx`:
- Around line 54-63: Update the attack_types mapping in AnalysisResult to
guarantee unique React keys when duplicate type strings occur: include the map
index in the key, preferably alongside type, instead of using key={type} alone.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: 76047be0-26e6-4d07-b59c-b40f58a59771

📥 Commits

Reviewing files that changed from the base of the PR and between 7ee1155 and a9a874e.

📒 Files selected for processing (8)
  • kits/prompt-attack-detection-agent/README.md
  • kits/prompt-attack-detection-agent/apps/actions/orchestrate.ts
  • kits/prompt-attack-detection-agent/apps/components/AnalysisResult.tsx
  • kits/prompt-attack-detection-agent/apps/components/ErrorMessage.tsx
  • kits/prompt-attack-detection-agent/apps/components/PromptAnalysisForm.tsx
  • kits/prompt-attack-detection-agent/apps/components/RiskBadge.tsx
  • kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts
  • kits/prompt-attack-detection-agent/lamatic.config.ts

Comment thread kits/prompt-attack-detection-agent/apps/lib/lamatic-client.ts
Comment thread kits/prompt-attack-detection-agent/README.md Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@kits/prompt-attack-detection-agent/README.md`:
- Around line 49-69: Add language identifiers to the four fenced examples in the
README’s prompt examples section, using an appropriate identifier such as text
for each block, and ensure the file ends with exactly one newline.
- Around line 14-15: Update the README’s recommendation values to match the
contract defined in prompt-attack-detection-agent_llmnode-190_system_0.md:
Allow, Allow After Sanitization, and Reject. Ensure the documented values are
exact and consistently ordered across the README and prompt.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: 5f077902-3900-4d2e-8670-d35c886ea0a2

📥 Commits

Reviewing files that changed from the base of the PR and between a9a874e and 38b6b01.

📒 Files selected for processing (1)
  • kits/prompt-attack-detection-agent/README.md

Comment thread kits/prompt-attack-detection-agent/README.md Outdated
Comment thread kits/prompt-attack-detection-agent/README.md Outdated
@Ujjwal5705

Copy link
Copy Markdown
Author

Hi! All CodeRabbit comments have been addressed. Could someone please take a look when you have time? Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant