Prompt Injection and Context Attacks
Synthesis
Prompt injection remains a cross-cutting attack class whenever untrusted content can influence instructions, retrieved context, tools, or user-facing workflows.
Evidence Base
This page was generated from the batch ingest of SRC-20260702-raw-papers-batch, SRC-20260702-raw-whitepapers-batch, and SRC-20260702-raw-news-batch. Treat it as a navigation and synthesis page; promote individual statements into claim pages when they become decision-relevant.
Representative Sources
| Title | Kind | Date | Tags | Raw |
|---|---|---|---|---|
| InkJect: The Visual Prompt Injection That Text Defenses Were Never Built to Stop | industry_blog | 2026-07-01 | ai-security, indirect-prompt-injection, multimodal-agent, visual-prompt-injection, vlm | raw |
| Prompt Injection in Automated Résumé Screening with Large Language Models: Single and Multi-Injectio | paper | 2026-06-25 | Jane Yi Jiang, Jiannan Xu, Preet Baxi, Stefanus Jasin, decision-integrity, hiring-workflow | raw |
| When AUC 0.998 Is Not Enough: A Candidate Evaluation Protocol for Hidden-State Probes of Indirect Pr | paper | 2026-06-22 | ai-security, computer-use-agent, evaluation, hidden-state-probes, indirect-prompt-injection, multimodal-agent | raw |
| Confidently Wrong: Severity-Aware Calibration of Prompt-Injection Detectors under Attack Shift | paper | 2026-06-22 | ai-security, detector-calibration, evaluation, prompt-injection, robustness | raw |
| A Layered Security Framework Against Prompt Injection in RAG-Based Chatbots | paper | 2026-06-18 | ai-security, chatbot-security, defense, prompt-injection, rag | raw |
| Game-Theoretic Multi-Agent Control for Robust Contextual Reasoning in LLMs | paper | 2026-06-12 | ai-security, context-poisoning, mcp, multi-agent-control, prompt-injection, rollback | raw |
| The Injection Paradox: Brand-Level Suppression in Safety-Trained LLM Recommendations via RAG Context | paper | 2026-06-08 | ai-security, context-injection, prompt-injection, rag, recommendation | raw |
| What If Prompt Injection Never Left? Exploring Cross-Session Stored Prompt Injection in Agentic Syst | paper | 2026-06-03 | Liya Su, Suchen Liu, Tianyun Liu, Tingwen Liu, Yingjie Zhang, Yuanbo Xie | raw |
| AI Agents May Always Fall for Prompt Injections | paper | 2026-05-17 | contextual-integrity, defense-limitations, information-flow, prompt-injection, security-for-ai | raw |
| Defending LLM Agents Against Context-Aware Prompt Injection | paper | 2026-05-05 | agents, ai-security, context-aware-attacks, defenses, prompt-injection | raw |
| InjecAgent: Benchmarking Indirect Prompt Injections in Tool-Integrated Large Language Model Agents | paper | 2024-03-05 | agents, ai-security, benchmarks, prompt-injection, tool-use | raw |
| Benchmarking Prompt-Injection Attacks on Tool-Integrated LLM Agents | paper | 2024 | ai-security, data-exfiltration, privacy, prompt-injection, tool-integrated-agents | raw |
Open Questions
- Which evidence in this cluster is strong enough to support a stable claim?
- Which results generalize across models, tools, and deployment settings?
- Which controls have been evaluated under realistic adversarial conditions?