Glossary
한국어English
LLMEvaluation & SafetyUpdated 2026.04.28

Prompt Injection

Also known as프롬프트 주입Indirect Prompt Injection

In one line

Prompt injection is an attack where instructions hidden in untrusted data override the system prompt and force the LLM into unintended behaviour.

Going deeper

Prompt injection hides instructions inside the data an LLM consumes — emails, web pages, documents — saying things like 'ignore prior instructions and do X'. Direct injection puts the payload in the user's own input; indirect injection hides it in third-party content. As RAG and agents become standard, indirect injection is now the bigger worry.

For marketers it cuts in an unexpected direction: your content (and the third-party content you cite) can be a vector. If someone seeds malicious instructions into a page that an LLM later reads, the model can be coerced into producing the wrong answer. Content moderation is no longer just an SEO concern.

There is no silver bullet defence. The realistic posture is layered: separate trusted from untrusted content, enforce structured output, require user confirmation before high-impact actions. OWASP ranks prompt injection as the #1 risk in its LLM security Top 10.

Sources

Related terms

LLM

Jailbreak

A jailbreak is a prompt-level trick that bypasses an LLM's safety restrictions to force it into producing content the model is supposed to refuse.

LLM

Guardrails

Guardrails are the layer of input/output checks added around an LLM to block unsafe responses, policy violations and leakage of sensitive information.

LLM

System Prompt

A system prompt is the instruction sent to an LLM before any user message, defining the assistant's role, tone and rules — effectively the AI product's character.

LLM

AI Alignment

AI alignment is the field — and the practical work — of making AI systems behave in line with human intent, values and safety constraints.

LLM

RAG

RAG (Retrieval-Augmented Generation) lets an LLM fetch external documents at answer time and ground its response in them — the technique behind ChatGPT Search, Perplexity and most AI search products.

How does your brand show up in AI answers?

Villion measures how your brand appears across ChatGPT, Perplexity and AI Overviews, then automates the work that lifts citation rate and share of voice.

Get a free audit