Indirect Prompt Injection

Reason about indirect prompt injection, where instructions ride into the model via retrieved or fetched content (web pages, emails, RAG documents, file uploads). Learn the attack family conceptually, the agent-trust problem (the model cannot tell instructions from data), canonical scenarios that show up in real products, eval patterns, and the defence stack (provenance tracking, content sanitization, capability constraints, human-in-the-loop on high-risk actions).

6 Lessons · Templates · Practitioner-Ready · 100% Free

Lessons in This Topic

Work through these 6 lessons in order, or jump to whichever is most relevant.