01
Indirect prompt injection
- How it lands
- Malicious instructions hide in emails, tickets, web pages, or RAG docs the agent later reads.
- What breaks
- The agent treats poisoned content as trusted context — then exfiltrates data or fires dangerous tools.
- Why you need EEG
- Traditional AppSec never sees the payload: it looks like a normal document until the model executes it.



