Prompt Injection

prompt-injectionmanipulationllmcontrol-flow

Attackers manipulate model behavior by injecting malicious prompts, causing the model to ignore instructions, leak data, or perform unintended actions.

Technical Details

Affected Components:

Language Models (LLMs)Orchestration (Control Flow)kc7.3

Impact Level:High

Attack Vectors

Direct Prompt Injection: User-supplied input alters model instructions or context. [High]
Indirect Prompt Injection: Malicious content from external sources (e.g., web, email) is injected into the prompt context. [High]
Goal Hijacking: Manipulating the model to pursue attacker-defined objectives. [Medium]

Impact Analysis

Risk Score: 9/10

Mitigation Categories

References

OWASP LLM Top 10: Prompt Injection
NIST AI RMF