Prompt Injection
An attack where malicious text in the input overrides the developer’s instructions.
Prompt injection exploits the fact that a model can’t reliably tell instructions from data — a command hidden in a user message, document, or web page can make an agent leak secrets or misuse tools. Indirect injection hides the payload in content the agent reads on its own; defenses are layered (instruction hierarchy, sanitizing, output filtering, tool permissions).