What Is Prompt Injection?
Prompt Injection is an attack technique in which malicious input is crafted to override or circumvent the intended instructions of an AI system, causing it to behave in unintended ways.
Source: OWASP LLM Top 10 (2025); NIST AI 100-2 (adversarial ML)
Plain-language explanation
Prompt injection is the AI-era equivalent of SQL injection. In direct prompt injection, the attacker controls the user input. In indirect prompt injection, the attack is embedded in content the AI retrieves (a webpage, email, document), and that content overrides the system prompt. Agentic AI systems, those that take real-world actions based on AI reasoning, face elevated prompt injection risk because a successful attack can trigger consequential actions. OWASP has published a Top 10 for Large Language Model Applications that ranks prompt injection as the highest-priority risk.
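The agentic risk described above is usually contained outside the model. As an added example (not code from OWASP, NIST or this page's publisher), the Python below tags each context segment with its origin and holds consequential tool calls for approval whenever retrieved content is in context. The tool names, the `Source` labels and the return strings are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Source(Enum):
    SYSTEM = "system"        # developer-written instructions
    USER = "user"            # direct channel: the person typing
    RETRIEVED = "retrieved"  # indirect channel: webpage, email, document


@dataclass(frozen=True)
class Segment:
    source: Source
    text: str


# Hypothetical tool names. "Consequential" means the call changes state
# outside the model (sends, deletes, pays).
CONSEQUENTIAL_TOOLS = frozenset({"send_email", "delete_file", "make_payment"})


def injection_channels(context):
    """Return the attacker-reachable channels that contributed text."""
    names = {Source.USER: "direct", Source.RETRIEVED: "indirect"}
    return {names[s.source] for s in context if s.source in names}


def authorize_tool_call(tool, context, human_approved=False):
    """Gate a model-proposed tool call. Runs outside the model, because
    labelling retrieved text as data does not stop a model from obeying it."""
    if tool not in CONSEQUENTIAL_TOOLS:
        return "allow"
    # Third-party content is in context, so the proposal may not reflect
    # what the user asked for: hold it until a person confirms.
    if "indirect" in injection_channels(context) and not human_approved:
        return "needs_approval"
    return "allow"


# Constructed sample: an inbox-summary request with one retrieved email.
SAMPLE_CONTEXT = [
    Segment(Source.SYSTEM, "You summarise the user's inbox."),
    Segment(Source.USER, "Summarise today's mail."),
    Segment(Source.RETRIEVED, "[constructed email body addressed to the assistant]"),
]

if __name__ == "__main__":
    for tool in ("summarise_text", "send_email"):
        print(tool, authorize_tool_call(tool, SAMPLE_CONTEXT))
```

This gate addresses the indirect channel only; direct injection, where the user is the attacker, calls for per-user permission checks on the tools themselves.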