Merge pull request #21641 from github/josefs/promptInjectionImprovements

Improve prompt inject for Python

Author: josefs

python/ql/lib/semmle/python/frameworks/anthropic.model.yml

@@ -0,0 +1,17 @@
+extensions:
+  - addsTo:
+      pack: codeql/python-all
+      extensible: sinkModel
+    data:
+      - ['Anthropic', 'Member[messages].Member[create].Argument[system:]', 'prompt-injection']
+      - ['Anthropic', 'Member[messages].Member[stream].Argument[system:]', 'prompt-injection']
+      - ['Anthropic', 'Member[beta].Member[messages].Member[create].Argument[system:]', 'prompt-injection']
+      - ['Anthropic', 'Member[messages].Member[create].Argument[messages:].ListElement.DictionaryElement[content]', 'prompt-injection']
+      - ['Anthropic', 'Member[messages].Member[stream].Argument[messages:].ListElement.DictionaryElement[content]', 'prompt-injection']
+      - ['Anthropic', 'Member[beta].Member[messages].Member[create].Argument[messages:].ListElement.DictionaryElement[content]', 'prompt-injection']
+
+  - addsTo:
+      pack: codeql/python-all
+      extensible: typeModel
+    data:
+      - ['Anthropic', 'anthropic', 'Member[Anthropic,AsyncAnthropic].ReturnValue']

python/ql/lib/semmle/python/frameworks/openai.model.yml

@@ -4,6 +4,9 @@ extensions:
       extensible: sinkModel
     data:
       - ['OpenAI', 'Member[beta].Member[assistants].Member[create].Argument[instructions:]', 'prompt-injection']
+      - ['OpenAI', 'Member[chat].Member[completions].Member[create].Argument[messages:].ListElement.DictionaryElement[content]', 'prompt-injection']
+      - ['OpenAI', 'Member[responses].Member[create].Argument[instructions:]', 'prompt-injection']
+      - ['OpenAI', 'Member[responses].Member[create].Argument[input:]', 'prompt-injection']
 
   - addsTo:
       pack: codeql/python-all