Glossary

Indirect Prompt Injection

Prompt injection delivered through retrieved or referenced content (web pages, documents, emails) rather than direct user input.

Context and detail

Why it's harder to defend than direct injection. Real attack scenarios. Mitigations.

Related terms

  • Prompt Injection — An attack where crafted input causes an LLM to override its instructions or context. Direct injection comes through user input. Indirect injection comes through retrieved or referenced content the LLM processes.
  • RAG Security — Security considerations specific to Retrieval-Augmented Generation pipelines: vector-store access control, corpus integrity, embedding inversion, indirect prompt injection.
