datarekha
NLP & LLMs Medium

What is prompt injection, and what is the difference between direct and indirect injection?

For AI / LLM EngineerMLOps EngineerML Engineer
The short answer

Prompt injection is an attack where adversarial instructions override the system's intended behavior. Direct injection comes from the user input itself, such as ignore previous instructions, while indirect injection hides malicious instructions in external content the model ingests, such as a web page, document, or tool output, that the model then follows.

How to think about it

Prompt injection is an attack where adversarial instructions override the system’s intended behavior. Direct injection comes from the user input itself, such as ignore previous instructions, while indirect injection hides malicious instructions in external content the model ingests, such as a web page, document, or tool output, that the model then follows.

Learn it properly Prompt injection & guardrails

Keep practising

What is prompt injection and how do you defend against it? How would you defend an LLM application against prompt injection? What are the major security risks of deploying autonomous agents? What prompt engineering techniques should every LLM practitioner know? When should you use prompt engineering versus fine-tuning to adapt an LLM?
All NLP & LLMs questions

Explore further

Agent Security Prompt patterns that work Few-shot & chain-of-thought
Prompt Injection Prompt Engineering Confused Deputy Few-Shot Learning
Skip to content