What is Prompt Injection?

Prepare for the ISACA Advanced in AI Security Management (AAISM) Test. Study with in-depth multiple choice questions, each offering insightful hints and detailed explanations. Equip yourself with expert knowledge and get exam-ready!

Multiple Choice

What is Prompt Injection?

Explanation:
Prompt injection is the tactic of embedding crafted inputs that manipulate a language model into changing its behavior by exploiting how prompts guide outputs. An attacker designs prompts or includes directives within user input that the model treats as part of its instructions, causing it to follow malicious commands, reveal hidden prompts, or ignore safety rules. This is why the option describing an attack in which prompts are used to alter the model’s behavior is the best fit. The other options describe defenses (input sanitization), unrelated auditing tricks, or optimization, none of which capture the security risk of prompt-driven behavior changes. For example, a prompt that tells the model to override its safety rules or to adopt a dangerous persona illustrates how prompt injection can steer the model off its intended path. To mitigate, protect and compartmentalize system prompts, validate and sandbox inputs, and implement layered guardrails and monitoring.

