Prompt Injection Risk
Jump to navigation
Jump to search
A Prompt Injection Risk is a security risk that can compromise AI system behavior through malicious prompt manipulation.
- AKA: Prompt Attack Risk, Input Manipulation Risk, AI Security Vulnerability.
- Context:
- It can typically exploit Input Processing through adversarial prompts.
- It can typically bypass Safety Guardrails through crafted instructions.
- It can typically manipulate System Behavior through context hijacking.
- It can typically extract Sensitive Information through prompt engineering.
- It can typically override System Instructions through priority exploitation.
- ...
- It can often target Multi-Modal Systems through cross-modal attacks.
- It can often exploit Context Windows through overflow techniques.
- It can often leverage Role Playing through persona manipulation.
- It can often utilize Encoding Tricks through obfuscation methods.
- ...
- It can range from being a Low-Severity Prompt Injection Risk to being a Critical Prompt Injection Risk, depending on its risk impact level.
- It can range from being a Direct Prompt Injection Risk to being an Indirect Prompt Injection Risk, depending on its risk attack vector.
- It can range from being a Detectable Prompt Injection Risk to being a Stealthy Prompt Injection Risk, depending on its risk visibility.
- ...
- It can integrate with Security Assessment Tools for vulnerability detection.
- It can connect to Monitoring Systems for attack identification.
- It can utilize Defense Mechanisms for risk mitigation.
- It can implement Audit Systems for incident tracking.
- ...
- Example(s):
- Direct Injection Risks, such as:
- Indirect Injection Risks, such as:
- Application-Specific Risks, such as:
- ...
- Counter-Example(s):
- Legitimate Prompt Variations, which lack malicious intent.
- System Errors, which lack adversarial design.
- User Mistakes, which lack exploitation objective.
- See: AI Security, Adversarial Attack, System Vulnerability, Security Mitigation.