Prompt injection is when user input overrides system instructions. Direct injection puts malicious instructions in user messages. Indirect injection hides instructions in retrieved documents or tool outputs. Defenses include input sanitization, output validation, privilege separation, and canary tokens. No defense is 100% reliable yet — defense in depth is essential.
The 5-Mode Loop
5 of 5 modes available
Read · See · Animate · Test · Build
Before this, understand: system prompts
Where this topic shows up outside its home domain: