ISVforce Guide

ISVforce Guide: Build and Distribute AppExchange Solutions
Get Ready to Distribute on AppExchange
Use Managed Packages to Develop Your AppExchange Solution
Manage Orgs with Environment Hub
Architectural Considerations for Group and Professional Editions
Security Requirements for AppExchange Partners and Solutions
Security Policy Requirements
Prevent Secure Coding Violations
Secure Your B2C Commerce Solution
Secure Your Tableau Accelerator
Secure Your Agentforce Solution
Secure Your Agentforce Custom Actions
Secure Your Agentforce Prompts
Design Security-Hardened Prompts
Validate User-Controlled Data Added to a Prompt
Use Random Sequence Enclosures and Prompt Sandwiching
Prompt Injection Mitigation Resources
Secure Your Connected Apps and External Client Apps
Pass the AppExchange Security Review
Manage Your AppExchange Listings
AgentExchange Go-To-Market App Guide
Sell on AgentExchange with Checkout
Report Orders to Salesforce with the Channel Order App
Provide Free Trials of Your AppExchange Solution
OEM User License Guide
PDF

Design Security-Hardened Prompts

When designing a prompt, make sure it’s hardened against attacks that attempt to alter it’s instructions. Define roles and boundaries for the LLM, and the expected output content and format. Don't allow data to alter or override prompt instructions.

In your prompt, clearly define:

  • A role for the LLM to assume when it processes and generates content based on a prompt. Whether it's the LLM acting as a customer support agent or a sales representative, a role helps the LLM provide on-topic responses.
  • Boundaries for the LLM that delineate the content it should process. This can include topics that the LLM should and shouldn’t respond to. For example, if the LLM processes a user question that unrelated to a specific topic, have it respond with a generic statement.
  • The expected output content and format, if applicable. In the prompt instructions, explicitly state the type of data that should and shouldn’t be included in a response. If the intended output is a data structure, such as JSON, define the output schema and how it should be populated with data.
  • Where untrusted or user-input data is included in the prompt, indicate that the data must not alter or override any the prompt instructions.

For more prompt engineering best practices, see: