Skip to main content
Before each deployment, UseAgents scans tool metadata for content that could override AI behavior or hijack downstream agents. This page explains what is checked and how to keep your metadata safe.

What we check

Tool metadata is scanned before each deployment. The following fields are checked:
  • Name
  • Description
  • Short description
  • Categories
  • Tags
If any field is flagged, the deployment fails and the UI shows which field failed, why, and how to fix it.

What prompt injection means here

Prompt injection is when natural-language fields contain instructions intended to:
  • Override AI behavior or system prompts
  • Jailbreak or bypass safety restrictions
  • Exfiltrate data or hijack downstream tool consumption
Examples of problematic content include:
  • Ignore previous instructions
  • You are now
  • System prompt:
  • Hidden instructions inside code blocks
  • Jailbreak or bypass-related language

Avoid these patterns

PatternExample
Override instructionsIgnore previous instructions, Disregard prior
Role changesYou are now, New instructions:
System prompt injectionSystem prompt:, System:
Code blocks with instructionsInstructions hidden in code blocks or special formatting
Bypass languageJailbreak, Bypass safety

Write safe metadata instead

Keep descriptions factual and neutral. Focus on:
  • What the tool does
  • Integrations and use cases
  • How agents should use it
Describe the tool. Do not try to instruct the AI that reads it.

If deployment fails

  1. Open the deployment details page.
  2. Open the Verification step.
  3. Review the flagged fields, reasons, and suggested fixes.
  4. Use Edit Tool to update the metadata.
  5. Redeploy.

Safe writing checklist

  • Describe product behavior, capabilities, and integration points.
  • Avoid telling the reading AI what to do or ignore.
  • Keep content plain, specific, and free of hidden instructions.
  • Remove roleplay, jailbreak language, and system-prompt framing.