Skip to content
ai-supply.store
खोजेंश्रेणियाँलीडरबोर्डसमुदायAgent APIFAQ
साइन इनमुफ़्त साइन अप
catalog / Language & NLP / Brex Prompt Engineering Guide
❝PromptLanguage & NLPFree

Brex Prompt Engineering Guide

Brex's in-depth public guide to prompt engineering and working with GPT-4-class models.

@ai-supply
इंस्टॉल1.8k
↗ सोर्स रिपॉज़िटरी
← More Language & NLPLanguage & NLP leaderboard →How we grade security →Source ↗

Brex Prompt Engineering Guide

A well-known, in-depth guide to working with large language models like GPT-4, written by Brex for its engineers and released publicly.

It walks through how these models work, prompt construction, few-shot and chain-of-thought techniques, common pitfalls, and practical tips — a strong conceptual reference rather than a code library.

MIT licensed and text-based, making it easy to read, fork, and adapt into internal documentation.

Rating rank
#1
of 30 in Language & NLP
Install rank
#26
of 30 in Language & NLP
Security score
100/100 · A
safe
Security rank
#1
of 30 in Language & NLP
Installs
1.8k
cat avg 145k
This listing vs category average
Installs
this
cat avg
Security (of 100)
this
cat avg
Adoption trend
See the Language & NLP leaderboard →
✓ Security: Safe · 100100/100 · grade Ascanned 15h ago
✓ no compromise signals2 risk-surface · 3/20 OWASP controls flagged

Compromise signals — malicious or tampered code (leaked secrets, backdoors, a dropped executable) — reduce the score, and known dependency CVEs carry a bounded penalty (they warrant review but never QUARANTINE — update the dependency to clear). Other dangerous-by-capability traits are risk surface, expected for some capabilities. Every finding is mapped to its OWASP control below.

Prompt card · low confidence (static)
injection surface present⚠ jailbreak taxonomy present

Findings mapped to the OWASP Top 10 for LLM Applications (2025) and the OWASP Machine Learning Security Top 10. Expand any flagged control for the exact findings — compromise reduces the score; expected/risk-surface do not.

OWASP Top 10 for LLM Applications
⚠LLM01Prompt Injectionhigh
Adversarial instructions embedded in an artifact that hijack a downstream LLM.
•Prompt-injection phrasing — instruction-subversion language detected · brexhq-prompt-engineering-50871be/README.md (CWE-77)expected
⚠LLM06Excessive Agencylow
Over-broad tool/permission surface or unrestricted egress.
•Broad capability surface — 3 high-impact capability categories referenced — verify least-privilege · brexhq-prompt-engineering-50871be/README.md (CWE-272)risk surface
§LLM09MisinformationGovernance
Artifacts designed to produce false/deceptive output.
Detectable only by runtime behavioral evaluation; addressed via responsible-use attestation.
◷LLM10Unbounded ConsumptionRuntime-enforced
Unbounded loops/recursion causing DoS or runaway cost.
Enforced at runtime by the gateway (rate limits + spend caps + size caps); static check flags unbounded loops.
✓LLM02Sensitive Information DisclosurePassed
✓LLM03Supply ChainPassed
✓LLM04Data and Model PoisoningPassed
Backdoors/poisoning in training data or serialized models.
Behavioral poisoning needs model execution; static check covers unsafe serialization + dataset skew only.
✓LLM05Improper Output HandlingPassed
✓LLM07System Prompt LeakagePassed
✓LLM08Vector and Embedding WeaknessesPassed
PII or plaintext source leakage in embedding/vector exports.
Embedding inversion/poisoning is largely runtime; static check covers PII in vector exports.
OWASP Machine Learning Security Top 10
⚠ML02Data Poisoninghigh
Poisoned training datasets with triggers or anomalous distributions.
Static check covers trigger phrasing, PII and label skew; full poisoning detection is runtime.
•Prompt-injection phrasing — instruction-subversion language detected · brexhq-prompt-engineering-50871be/README.md (CWE-77)expected
§ML01Input Manipulation (Adversarial)Governance
Models vulnerable to adversarial perturbations.
Requires runtime robustness evaluation; addressed via publisher robustness attestation.
§ML03Model InversionGovernance
Training data reconstructable from a model's outputs.
Runtime/evaluation property; addressed via model-card data-provenance + DP attestation.
§ML04Membership InferenceGovernance
Determining whether a record was in the training set.
Runtime/evaluation property; addressed via overfitting disclosure + DP attestation.
§ML08Model SkewingGovernance
Models trained on skewed data producing biased output.
Requires fairness evaluation; addressed via model-card bias/limitations disclosure.
◷ML09Output IntegrityRuntime-enforced
Middleware tampering with model outputs in transit.
Gateway enforces TLS + response integrity; static check flags output-rewriting code.
✓ML05Model TheftPassed
Unlicensed re-distribution / license-incompatible derivatives.
Static check verifies license declaration; extraction throttling is runtime.
✓ML06AI Supply ChainPassed
✓ML07Transfer Learning AttackPassed
Backdoored base models / LoRA adapters propagating to derivatives.
Backdoor detection needs behavioral probing; static check covers unsafe serialization + provenance.
✓ML10Model Poisoning (Weights)Passed
Tampered model weight files; integrity must be verifiable.
Static check enforces safe formats + records a content hash for downstream verification.
Other findings (1) · hygiene / uncategorized
•Unrecognized file type — '.?' is not on the allowlist · brexhq-prompt-engineering-50871be/LICENSErisk surface
✔ verified source · pinned brexhq-prompt-engineering-50871be
Check against a policy

The same gate an agent runs before installing (POST /api/v1/trust/brex-prompt-engineering-guide/check). Click a policy:

Consume Brex Prompt Engineering Guide programmatically. Authenticate with an API key or session — see Authorize an agent.

# Agents: CHECK BEFORE YOU INSTALL (no auth) — score, grade, level, capability manifest
curl https://ai-supply.store/api/v1/trust/brex-prompt-engineering-guide

# Gate against your org policy (returns { pass, violations })
curl -X POST https://ai-supply.store/api/v1/trust/brex-prompt-engineering-guide/check \
  -H "Content-Type: application/json" \
  -d '{"minGrade":"B","denyPermissions":["shell"],"denyUnknownEgress":true}'

# CLI
npx ai-supply add brex-prompt-engineering-guide

# REST (install → download)
curl -X POST https://ai-supply.store/api/v1/listings/brex-prompt-engineering-guide/install \
  -H "Authorization: Bearer $AIM_KEY"

# MCP tool
install_listing({ "slug": "brex-prompt-engineering-guide" })
OpenAPI spec →
vlatest
✓ Security: Safe · 10017h ago

Curated mirror — latest upstream source. See the repository for tagged releases.

Sign in and install this listing to leave a review.

More from @ai-supply

View profile →
◉Agent
MetaGPT
Multi-agent framework that assigns GPT roles (PM, engineer, QA) to solve complex software tasks end-to-end.
↓ 1.0M
⇄Connector
vLLM
High-throughput, memory-efficient LLM inference engine with PagedAttention and continuous batching.
↓ 892k
⇄Connector
Meilisearch
Lightning-fast open-source search engine with typo-tolerance, semantic hybrid search, and sub-50ms response times.
↓ 811k
△Eval
Weights & Biases (wandb)
ML experiment tracking and visualization — log metrics, hyperparameters, models, and media in real time.
↓ 784k
ai-supply.store

मुफ़्त, सुरक्षा-जाँची गई AI क्षमताएँ — skills, MCPs, plugins, agents, datasets और बहुत कुछ, हर एक ग्रेडेड और ताज़गी-ट्रैक्ड, और इंसानों तथा agents दोनों के लिए बनाई गई।

api · v3.1status · all green
संपर्क करें
support@ai-supply.storesecurity@ai-supply.store
कैटलॉग
  • खोजें
  • श्रेणियाँ
  • लीडरबोर्ड
  • बेंचमार्क
  • सुरक्षा
समुदाय
  • समुदाय
  • FAQ
एजेंट के लिए
  • क्विकस्टार्ट (60s)
  • एजेंट अधिकृत करें
  • Agent API
  • OpenAPI स्पेसिफिकेशन
बिल्डर्स के लिए
  • प्रकाशित करें
  • डैशबोर्ड
खाता
  • खाता बनाएँ
  • साइन इन
  • सेटिंग्स
कानूनी
  • नियम व शर्तें
  • प्रकाशक अनुबंध
  • स्वीकार्य उपयोग नीति
  • गोपनीयता