Prompt Injection

A security attack where malicious input tricks an AI agent into ignoring its instructions and executing unintended actions. Direct injection embeds commands in user messages; indirect injection hides them in data the agent retrieves (emails, web pages, documents). Defenses include input sanitization, output filtering, instruction hierarchy, and sandboxing agent actions behind approval gates. Critical for any agent that reads external data.