Enterprise Feature — Droid Shield Plus is available for enterprise customers. Contact us to enable this feature for your organization.

What is Droid Shield Plus?

Droid Shield Plus is an advanced AI-powered security layer that provides real-time protection against prompt injection attacks, sensitive data exposure, and other security threats. Unlike the standard Droid Shield, which uses pattern-based detection, Droid Shield Plus uses Palo Alto Networks Prisma AIRS (AI Runtime Security) to provide context-aware security scanning.

Key Features

Prompt Injection Detection

Identifies and blocks malicious prompt injection attempts designed to manipulate AI behavior or bypass security controls.

Advanced Secrets Scanning

AI-powered detection of API keys, tokens, passwords, and credentials with higher accuracy and fewer false positives than pattern matching.

Sensitive Data Protection (DLP)

Detects personally identifiable information (PII), financial data, and other sensitive information before it’s exposed in prompts or commits.

Malicious Code Detection

Identifies potentially dangerous code patterns and suspicious content that could pose security risks.

How Droid Shield Plus Works

Droid Shield Plus provides two layers of protection:

1. Prompt Security Scanning

Every prompt you send to Droid is automatically scanned before processing. If a threat is detected, the prompt is blocked and you’re notified:

    Droid Shield Plus has blocked this prompt due to detected: prompt injection, sensitive data.

    If you believe this is a false positive, you can disable Droid Shield Plus in settings.

Detected threat categories:
  • Prompt Injection — Attempts to manipulate AI instructions
  • Sensitive Data (DLP) — PII, credentials, or confidential information
  • Toxic Content — Harmful or inappropriate content
  • Malicious Code — Suspicious code patterns

2. Git Commit Scanning

When you perform git commit or git push operations through Droid, Droid Shield Plus scans your staged changes using AI-powered analysis:

    Droid Shield Plus has detected potential secrets in your staged changes.

    If you would like to override, you can either:
    1. Perform the commit/push yourself manually
    2. Disable Droid Shield Plus in settings

This provides significantly more accurate detection than regex-based scanning, catching:
  • Obfuscated or encoded secrets
  • Context-aware credential detection
  • Custom secret formats
  • Secrets embedded in complex code structures
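
The gap between regex-only scanning and decoding-aware scanning of staged changes, as an added example (not Factory's or Prisma AIRS's code): a small scanner over the added lines of a staged diff, run first with patterns alone and then with a base64 decoding pass. The rule, function names and sample diff are constructed for illustration; the key is AWS's documentation placeholder.

```python
import base64
import re

# Single illustrative rule; a real rule set is much larger.
PATTERNS = {"aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b")}
B64_RUN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")

# Constructed sample in `git diff --cached` format: key in the clear and base64-encoded.
ENCODED = base64.b64encode(b"AKIAIOSFODNN7EXAMPLE").decode()
SAMPLE_DIFF = f"""\
diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1 +1,4 @@
 import os
+AWS_KEY = "AKIAIOSFODNN7EXAMPLE"
+BLOB = "{ENCODED}"
+REGION = os.environ["AWS_REGION"]
"""

def added_lines(diff):
    """Yield (path, new_line_no, text) for every line the diff adds."""
    path, line_no = None, 0
    for raw in diff.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")
        elif raw.startswith("@@"):
            line_no = int(re.search(r"\+(\d+)", raw).group(1))
        elif raw.startswith("+"):
            yield path, line_no, raw[1:]
            line_no += 1
        elif raw.startswith(" "):
            line_no += 1

def scan_diff(diff, decode=False):
    """Regex-scan added lines; with decode=True also scan base64 payloads."""
    findings = []
    for path, no, text in added_lines(diff):
        candidates = [(text, "")]
        for run in B64_RUN.findall(text) if decode else []:
            try:
                plain = base64.b64decode(run, validate=True).decode("utf-8")
            except ValueError:  # not base64, or not text once decoded
                continue
            candidates.append((plain, " (base64)"))
        for plain, tag in candidates:
            findings += [(path, no, name + tag)
                         for name, rx in PATTERNS.items() if rx.search(plain)]
    return findings
```

On a real repository, pass it the output of `git diff --cached`. The decoding pass only covers the one encoding it knows about, so it narrows the gap rather than closing it.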

Droid Shield vs Droid Shield Plus

| Feature | Droid Shield | Droid Shield Plus |
| --- | --- | --- |
| Detection Method | Pattern/Regex matching | AI-powered analysis |
| Prompt Scanning | No | Yes |
| Git Commit Scanning | Yes | Yes |
| Prompt Injection Detection | No | Yes |
| Sensitive Data (DLP) | Limited | Comprehensive |
| Toxic Content Detection | No | Yes |
| Malicious Code Detection | No | Yes |
| False Positive Rate | Higher | Lower |
| Availability | All users | Enterprise |
| Powered By | Built-in patterns | Palo Alto Networks Prisma AIRS |

When Droid Shield Plus is enabled, it replaces the standard Droid Shield for git operations, providing enhanced AI-powered scanning instead of pattern-based detection.

Enabling Droid Shield Plus

1. Contact Factory

Reach out to [email protected] to enable Droid Shield Plus for your organization.

2. Enable in Settings

Once enabled for your organization:
  1. Run droid
  2. Enter /settings
  3. Navigate to the Security section
  4. Toggle “Droid Shield Plus (AI-Powered)” to On

3. Verify Activation

You’ll see a subtitle confirming: “AI-powered security scanning for prompt injection, sensitive data, and toxic content. Powered by Palo Alto Networks Prisma AIRS.”

Handling Blocked Prompts

When Droid Shield Plus blocks a prompt or git operation:

Carefully examine what was flagged. The error message will indicate the threat category (prompt injection, sensitive data, toxic content, or malicious code).

If sensitive data was detected:
  • Move secrets to environment variables
  • Use secure credential stores
  • Remove PII from prompts

If prompt injection was detected, rephrase your request to avoid patterns that could be misinterpreted as manipulation attempts.

If you believe the detection is incorrect, contact [email protected] with details about the false positive.

Never disable Droid Shield Plus just to bypass security checks. If content is being blocked, there’s likely a legitimate security concern that should be addressed.

Security & Privacy

Droid Shield Plus is powered by Palo Alto Networks Prisma AIRS, a leading AI runtime security platform:
  • Real-time Analysis — Prompts and code are scanned in real-time with minimal latency
  • Enterprise-Grade Security — Built on Palo Alto Networks’ industry-leading security infrastructure
  • Graceful Degradation — If the security service is temporarily unavailable, Droid continues to function while logging the issue

Prisma AIRS Documentation


Get Droid Shield Plus

Enable for Your Organization

Contact our sales team at [email protected] to enable Droid Shield Plus for your enterprise organization.