Tag
#indirect-prompt-injection
4 posts tagged indirect-prompt-injection.
- incident
Anatomy of a Real Prompt Injection: The Bing Chat / Sydney Case
In early 2023, Bing Chat became the first widely publicized case of indirect prompt injection in a deployed commercial LLM.
- offensive
Indirect Prompt Injection Against a Llama 3 RAG Pipeline: How the Attack Classes Work
A documentation-based walkthrough of indirect prompt injection against an unhardened Llama 3.1 8B document-QA pipeline: the four attack classes, the
- primer
A Working Taxonomy of Prompt Injection Attack Types
Direct, indirect, multi-modal, and agentic prompt injection are distinct attack classes with different trust boundaries, attacker access requirements, and
- primer
Prompt Injection vs. Jailbreaking: Two Conflated Attack Classes
Prompt injection and jailbreaking both use natural language to subvert LLM behavior, but the attacker, the trust boundary that breaks, and the defenses