Back to Glossary
AdvancedAI Glossary

Prompt Injection

Quick Answer

Prompt injection is a class of security vulnerability where a malicious input manipulates an LLM into ignoring its instructions, leaking confidential information, or taking unintended actions. It is the most important emerging AI security risk for organisations.

In Depth

What Prompt Injection really means

Direct prompt injection happens when an attacker types adversarial instructions into a chat. Indirect prompt injection happens when an LLM reads malicious content from a document, email or web page it was asked to summarise, and then acts on it.

Mitigations include isolating untrusted content, restricting tool permissions, output validation, authentication of sensitive actions, and human-in-the-loop approval for high-impact steps. No single control is sufficient; defence in depth is essential.

Why It Matters

Business relevance for UK organisations

Any UK business deploying agentic AI, RAG or email-processing AI is exposed to prompt injection. Treating it as a security issue — with the same rigour as SQL injection — is now a board-level responsibility.

Real-world example

How this shows up in practice

A London professional services firm discovered a prompt-injection payload embedded in a PDF that attempted to instruct its AI assistant to forward confidential client data. The attempt was blocked by its output-validation layer.

Related Terms

Continue exploring

Business

AI Governance

AI governance is the set of policies, roles, controls and oversight mechanisms that ensure AI is used responsibly, safely and in line with law and organisational values. Effective governance is proportionate — tight where risk is high, light where risk is low.

Technical

Large Language Model (LLM)

A Large Language Model (LLM) is a type of neural network trained on vast quantities of text to understand and generate human language. LLMs power chatbots, copilots, content generators and many modern AI features across consumer and business software.

Advanced

Agentic AI

Agentic AI refers to systems that can pursue goals autonomously by planning, taking actions across tools, observing outcomes and adapting their approach. Agentic systems go beyond single-turn question answering to execute multi-step workflows on a user's behalf.

Put Prompt Injection to work in your business

WayaNerd helps UK organisations translate AI concepts into measurable commercial outcomes. Let us show you how.

Explore Our Services