Indirect Injection

Indirect injection involves embedding malicious prompts within external data sources that the LLM processes, such as websites, documents, or emails. AI Red Teamers test this by poisoning data sources the AI might interact with (e.g., adding hidden instructions to a webpage summarized by the AI) to see if the AI executes unintended commands or leaks data when processing that source.

Learn more from the following resources:

• @paper@The Practical Application of Indirect Prompt Injection Attacks
• @article@How to Prevent Indirect Prompt Injection Attacks
• @article@Indirect Prompt Injection Data Exfiltration