paper reviewed open access llmsec-2023-00001

Not What You've Signed Up For: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection

Kai Greshake, Sahar Abdelnabi, Shailesh Mishra, Christoph Endres, Thorsten Holz, Mario Fritz

2023-05 — AISec 2023 450 citations

Abstract

Introduces indirect prompt injection attacks against LLM-integrated applications, demonstrating how adversaries can remotely control LLMs by injecting prompts into data sources the LLM retrieves.

Framework Mappings

OWASP LLM: LLM01 MITRE ATLAS: AML.T0051

Cite This Resource

@article{llmsec202300001,
  title = {Not What You've Signed Up For: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection},
  author = {Kai Greshake and Sahar Abdelnabi and Shailesh Mishra and Christoph Endres and Thorsten Holz and Mario Fritz},
  year = {2023},
  journal = {AISec 2023},
  doi = {10.1145/3605764.3623985},
  url = {https://arxiv.org/abs/2302.12173},
}

Metadata

Added: 2026-04-14
Added by: manual
Source: manual
arxiv_id: 2302.12173

Not What You've Signed Up For: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection

Abstract

Categories

Tags

Framework Mappings

Cite This Resource

Metadata