Prisma AIRS icon

Prisma AIRS

Prisma AIRS AI Security.

Actions2

Overview

This node integrates with the Prisma AIRS AI Security service to inspect and protect AI chat interactions by analyzing prompts or responses for potential security risks such as prompt injection attacks. It is designed to be used in workflows where AI-generated content needs to be monitored and filtered to prevent malicious or harmful inputs or outputs.

Common scenarios include:

  • Validating user prompts before sending them to an AI model to ensure they do not contain harmful or manipulative content.
  • Inspecting AI-generated responses to detect and block unsafe or inappropriate outputs.
  • Enforcing security policies on conversational AI applications by automatically blocking or masking suspicious content.

Practical example:

  • Before passing a user's chat input to an AI assistant, this node checks the prompt against a configured Prisma AIRS profile. If a prompt injection attack is detected, it blocks the input and returns a custom warning message instead of forwarding the original prompt.

Properties

Name Meaning
Prompt (Required) The user's prompt text to be checked.
Prisma AIRS AI Profile for Input (Required) The Prisma AIRS AI profile name configured for input scanning.
Session ID (Optional) Unique identifier for the current chat session.
App User (Optional) User name for the current chat session.
User IP (Optional) User IP address for the current chat session.
App Name (Optional) Application name for the current chat session.
AI Model Name (Optional) AI Model name for the current chat session.
Custom Your Block Message The message output when a prompt injection attack is detected.

Output

The node outputs JSON data containing the results of the Prisma AIRS inspection. The structure varies depending on whether the content was blocked or allowed:

  • prismaAIRSAction: Indicates the action taken by Prisma AIRS, typically "block" if an attack was detected or another status otherwise.
  • For prompt inspection:
    • chatInput: The original or masked prompt text after inspection.
    • prompt_detected: Details about any detected prompt issues.
    • original_prompt: The original prompt submitted.
    • prompt_detection_details: Additional metadata about the detection.
    • masked_prompt (optional): Masked version of the prompt if modifications were made.
  • For response inspection (not requested here but supported):
    • Similar fields exist for response content (output, response_detected, original_response, etc.).
  • sessionId: The session identifier passed through.
  • When a block occurs, the output contains the custom block message instead of the original prompt.

No binary data output is produced by this node.

Dependencies

  • Requires an API key credential for Prisma AIRS service authentication.
  • Makes HTTP POST requests to the Prisma AIRS API endpoint at https://service.api.aisecurity.paloaltonetworks.com/v1/scan/sync/request.
  • The node expects the Prisma AIRS host URL and API key to be configured in n8n credentials.
  • Optional metadata such as session ID, app user, user IP, app name, and AI model name can be provided to enrich the request context.

Troubleshooting

  • API Errors: If the Prisma AIRS API call fails, the node outputs an error message starting with Error calling Prisma AIRS API: followed by the error details. Check network connectivity, API key validity, and Prisma AIRS service availability.
  • Missing Required Fields: Ensure that required properties like the prompt text and AI profile names are correctly set; missing these will cause the node to fail or behave unexpectedly.
  • Unexpected Actions: If the node returns "Unknown issue." in the output, it indicates an unrecognized action from the Prisma AIRS response. Verify that the Prisma AIRS service and profiles are properly configured.
  • Blocking Behavior: When a prompt injection attack is detected, the node replaces the prompt with the custom block message. Make sure this message is clear to end users to avoid confusion.

Links and References

Discussion