Indirect prompt injection via retrieved content

jailbreak:prompt-injection-indirect

JailbreakPatternextensions/compliance/jailbreak-patterns.yaml·Open in Graph →

Attributes

displayName

Indirect prompt injection via retrieved content

technique

indirect-injection

severity

critical

signature

Retrieved documents containing imperative instructions targeting the assistant ("Ignore previous instructions and ...").

description

Adversarial instructions hidden in retrieved web pages, PDFs, or emails that the agent ingests as context.

None.

detects_jailbreak1

content-policy:default-acceptable-use·ContentPolicyDefault acceptable-use policy