NextChat

✨ Light and Fast AI Assistant. Support: Web | iOS | MacOS | Android | Linux | Windows

ChatGPTNextWebai-mlTypeScriptMIT
GitHub
/100
Unscanned
0Tools
0Findings
87.6kStars
Downloads
Mar 24, 2026Last Scanned

Security Category Deep Dive

Sub-Category Tree · Remediation Roadmap · Attack Stories · Compliance Overlay · ATLAS Techniques · Maturity Model

Prompt Injection
Prompt & context manipulation attacks
69
MATURITY
14
RULES
5
SUB-CATS
1
GAPS
64%
IMPL.
56
TESTS
1
STORIES
PI-DIRDirect Input Injection
100%3 rules
Injection via tool descriptions and parameter fields
GAP-001Prompt Injection Coverage GapMissing detection coverage for emerging prompt injection attack variants not addressed by current rules
PI-INDIndirect / Gateway Injection
100%4 rules
Hidden instructions via external content and tool responses
PI-CTXContext Manipulation
100%2 rules
Context window saturation and prior-approval exploitation
PI-ENCEncoding & Obfuscation
100%3 rules
Payload hiding via invisible chars, base64, schema fields
PI-TPLTemplate & Output Poisoning
100%2 rules
Injection via prompt templates and runtime tool output
Framework Coverage
OWASP MCP Top 1014/14
MITRE ATLAS14/14
CoSAI MCP2/14
OWASP Agentic Top 1012/14
Kill Chain Phases
0Initial Access
0Defense Evasion
0Execution
0Persistence
NextChat Security Report — MCP Sentinel