Critical severity intermediate · Fix: 5-10 min

SystemPromptLeakError

ai_security.errors.SystemPromptLeakError

What this error means
The system prompt leak detection error occurs when sensitive system prompt content is unintentionally exposed in the LLM output or logs.

Stack trace

traceback 
ai_security.errors.SystemPromptLeakError: Detected system prompt content leaked in LLM response or logs
  at ai_security.monitoring.detect_prompt_leak (monitoring.py:45)
  at ai_security.llm_client.call (llm_client.py:112)
  at app.main (main.py:78)
QUICK FIX
Add prompt leak detection middleware that scans outputs for system prompt substrings and blocks or redacts them immediately.

Why it happens

This error happens because the system prompt, which often contains sensitive instructions or context, is inadvertently included in the model's output or exposed in logs. This can occur due to improper prompt construction, logging raw prompt data, or model behavior that echoes system instructions.

Detection

Implement monitoring that scans LLM outputs and logs for substrings matching system prompt content, raising alerts or exceptions when leaks are detected before further processing.

Causes & fixes

1

System prompt text is concatenated directly into user-visible output without redaction

✓ Fix

Separate system prompt from user prompt and ensure only user prompt and model output are exposed or logged.

2

Logging raw prompt data including system prompt without filtering

✓ Fix

Filter or redact system prompt content from logs before writing to persistent storage or monitoring tools.

3

Model echoes system prompt instructions verbatim in its response

✓ Fix

Use instruction-tuned models that minimize prompt echoing and add explicit instructions to avoid repeating system prompt text.

Code: broken vs fixed

Broken - triggers the error
python
from ai_security import LLMClient

client = LLMClient(api_key=os.environ['AI_SECURITY_API_KEY'])

response = client.call(system_prompt='[SECRET INSTRUCTIONS]', user_prompt='Hello')  # triggers leak error
print(response)
Fixed - works correctly
python
from ai_security import LLMClient
import os

client = LLMClient(api_key=os.environ['AI_SECURITY_API_KEY'])

# Separate system prompt from user prompt and enable leak detection
response = client.call(user_prompt='Hello', system_prompt='[SECRET INSTRUCTIONS]', leak_detection=True)  # fixed
print(response)
Enabled leak detection and separated system prompt from user prompt to prevent sensitive prompt content from leaking into outputs or logs.

Workaround

Wrap calls in try/except SystemPromptLeakError and sanitize outputs by removing or masking any detected system prompt substrings before retrying or logging.

Prevention

Architect your prompt handling to strictly separate system and user prompts, avoid logging raw system prompts, and use models and instructions that minimize prompt echoing to prevent leaks.

Python 3.9+ · ai-security-sdk >=1.0.0 · tested on 1.2.3
Verified 2026-04
Verify ↗

Related errors

OpenAI RateLimitError 429 LangChain OutputParserException

Related guides

'' how to prevent prompt leaks in llm apps guide '' best practices for system prompt security concept

Community Notes

No notes yetBe the first to share a version-specific fix or tip.