Prompt injection is an attack against AI applications in which crafted input causes a large language model to ignore its original instructions and follow the attacker's instead. Because LLMs cannot reliably separate trusted instructions from untrusted data, attacker-controlled text can hijack the model's behavior. It is the number one risk in the OWASP Top 10 for LLM Applications.
Direct prompt injection comes from the user typing malicious instructions. Indirect prompt injection is more dangerous: the payload hides in content the model later reads, such as a web page, document, or email, and triggers when the model processes it.
In agentic systems the stakes rise, because a hijacked model can call tools, send data, or take actions on the attacker's behalf. There is no single fix; defenses layer input handling, output constraints, least-privilege tool access, and adversarial testing.
traztech delivers prompt injection and LLM adversarial testing for startups and growth-stage companies, led by a published CVE researcher.
Book a call