/**
 * Simple prompt injection detection for AI inputs.
 * Checks for common injection patterns in user messages.
 *
 * EGAI 4.6.3.2 — Prompt Injection Detection
 */

const INJECTION_PATTERNS = [
  /ignore\s+(all\s+)?previous\s+instructions/i,
  /disregard\s+(all\s+)?prior/i,
  /you\s+are\s+now\s+/i,
  /forget\s+(everything|all|your)\s+(instructions|rules|guidelines)/i,
  /system\s*:\s*/i,
  /\[INST\]/i,
  /<<SYS>>/i,
  /\bDAN\b.*\bmode\b/i,
  /jailbreak/i,
  /bypass\s+(security|filter|restriction)/i,
  /pretend\s+you\s+(are|have)\s+no\s+(rules|restrictions)/i,
  /act\s+as\s+(if|though)\s+you\s+(have|are)\s+no/i,
];

export interface PromptGuardResult {
  safe: boolean;
  matchedPattern?: string;
}

export function checkPromptInjection(input: string): PromptGuardResult {
  for (const pattern of INJECTION_PATTERNS) {
    if (pattern.test(input)) {
      return { safe: false, matchedPattern: pattern.source };
    }
  }
  return { safe: true };
}