jailbreak:prompt-injection-indirect

{
  "id": "jailbreak:prompt-injection-indirect",
  "_kind": "JailbreakPattern",
  "_file": "extensions/compliance/jailbreak-patterns.yaml",
  "_cluster": "extensions",
  "attributes": {
    "displayName": "Indirect prompt injection via retrieved content",
    "technique": "indirect-injection",
    "severity": "critical",
    "signature": "Retrieved documents containing imperative instructions targeting the\nassistant (\"Ignore previous instructions and ...\").\n",
    "description": "Adversarial instructions hidden in retrieved web pages, PDFs, or emails\nthat the agent ingests as context.\n"
  },
  "outgoingEdges": [],
  "incomingEdges": [
    {
      "from": "content-policy:default-acceptable-use",
      "to": "jailbreak:prompt-injection-indirect",
      "kind": "detects_jailbreak",
      "attributes": {}
    }
  ]
}