Secure AI Workflows: Block Prompt Injection with GPT-5.5 & Slack

Protect your AI workflows from malicious attacks with this comprehensive security screening system that automatically detects and blocks prompt injection, social engineering, and data extraction attempts before they reach your production agents.

What this workflow does

This zero-trust AI security workflow creates a protective barrier around your chatbots and automation systems. When untrusted user input arrives via webhook, it first runs deterministic checks using a Code node to identify instruction overrides, role hijacking, prompt leakage attempts, hidden Unicode characters, SQL-style payloads, and XSS-style content. The system then extracts and analyzes URLs against suspicious domain heuristics before passing the input to an isolated GPT-5.5 evaluator for semantic risk assessment.

The GPT-5.5 layer intelligently classifies threats including prompt injection attacks, data exfiltration attempts, and social engineering tactics. A sophisticated scoring system combines all detection signals to route legitimate requests to safe responses while automatically blocking, logging, and alerting your team via Slack when suspicious activity is detected. All security events are tracked in Google Sheets for analysis and compliance.

Use cases

• Customer service chatbots - Screen support requests before they reach AI agents handling sensitive customer data
• Public webhook endpoints - Protect automation workflows exposed to internet traffic from malicious payloads
• AI content generation - Prevent prompt injection attacks on creative writing or marketing automation tools
• Enterprise security - Add zero-trust screening to any AI system processing external input

Technical details

Built using n8n's Code, Slack, Switch, Webhook, and Google Sheets nodes, this workflow requires OpenAI access to GPT-5.5, Slack credentials, and Google Sheets integration. Simply connect your credentials and route untrusted input through the `/firewall-check` webhook endpoint before your main AI workflows.

The template includes customizable attack pattern detection, adjustable risk thresholds, and extension points for additional security services like URLScan, VirusTotal, or Safe Browsing APIs.