Prompt Injection: How Hackers Hijack Your AI Assistant

Prompt injection hides instructions in text your AI reads, tricking it into ignoring you and obeying an attacker.

Indirect attacks are worse: malicious commands sit on a webpage, email or document your AI opens on your behalf.

Agentic browsers that click, type and pay raise the stakes from leaked data to real-world actions.

There's no clean fix yet — LLMs can't reliably tell your orders from instructions buried in content.

Limit what your AI agent can access, confirm sensitive actions yourself, and never let it auto-act on untrusted pages.