Prompt Injection
A support bot follows instructions embedded in a customer-uploaded file.
AI applications introduce new security questions: which prompts are exposed to untrusted content, which tools agents can call, which outputs are trusted, and which teams own the risk.
A support bot follows instructions embedded in a customer-uploaded file.
An agent prioritizes a hostile instruction over the user's task.
A browser agent reads a page that asks it to reveal private workspace data.
A chatbot response includes confidential account notes from an internal knowledge base.
An agent can modify records and send messages without human approval.
An agent triggers a ticketing or email action based on untrusted input.
A generated command, query, or code block is executed without policy checks.
A third-party model integration lacks owner, purpose, and review metadata.
Risk scoring table
8 synthetic findings shown
| Risk area | Severity | System | Owner | Status | Finding |
|---|---|---|---|---|---|
| Prompt Injection | High | Support Assistant | AppSec | Open | |
| Prompt Hijacking | High | Autonomous Agent | AI Platform | In Review | |
| Indirect Prompt Injection | High | Browser Agent | Product Engineering | Open | |
| Data Leakage | High | RAG Chatbot | Security Operations | Mitigating | |
| Excessive Agency | Medium | Workflow Agent | Product Engineering | Open | |
| Insecure Tool Use | Medium | Ticketing Copilot | AI Platform | Planned | |
| Unsafe Output Handling | Medium | Code Assistant | AppSec | Mitigating | |
| AI Supply Chain Exposure | Low | Vendor Model | Governance | Planned |
Remediation checklist
FAQ
No. All findings, teams, owners, systems, and evidence on this site are fictional demo content.
Yes. Filters, rows, the dialog, and reset controls are keyboard-accessible HTML controls.