AI Sensitive Data in Prompts
Supplies the AI-prompt context signal (typed prompts, Copilot/Copilot Chat/Studio, uploaded files) so existing PII/regulated-data SITs can be re-scoped to AI prompts via the ai-threat-classifiers collection. Known coverage gap (from the library): native DLP scans typed prompt text, not uploaded file contents, in the Copilot location.
- Type
- keyword_list
- Confidence
- low
- Confidence justification
- Low by design. This pattern only asserts an AI-prompt context, not the presence of sensitive data; the sensitive-data verdict is delegated to existing PII/regulated-data SITs re-scoped via the collection. AI-prompt phrasing also appears around approved internal analysis and test data (the named FP traps). Known coverage gap: native DLP scans typed prompt text, not uploaded file contents, in the Copilot location, so prompts that attach files may evade detection regardless of this context marker.
- Jurisdictions
- global
- Regulations
- OWASP LLM Top 10 2025, NIST AI RMF GenAI Profile
- Frameworks
- ISO 27001
- Data categories
- emerging, security
- Risk rating
- 6
Pattern
(?i)\b(?:in (?:the |my )?(?:copilot|AI) prompt|prompt to (?:copilot|the assistant)|I asked (?:copilot|the AI)|copilot chat)\bCorroborative evidence keywords
prompt, copilot, asked, uploaded, AI, artificial intelligence, LLM, large language model, Copilot, chatbot, assistant, agent, system prompt, tool call, completion, model
Proximity: 300 characters
Should match
In my Copilot prompt I included the full customer record for analysis.— AI-prompt context marker (PII detection delegated to existing SITs)
Should not match
The analyst reviewed the customer record in the CRM.— Non-AI workflow, no prompt context