Safeguard
Tag

prompt-injection

Safeguard articles tagged "prompt-injection" — guides, analysis, and best practices for software supply chain and application security.

127 articles

Agent Security

Supabase MCP and the Lethal Trifecta: When an Agent Has service_role

A Cursor user's Supabase MCP server was tricked by a support ticket into exfiltrating an integration_tokens table. The bug was not in MCP. It was in the trifecta.

Jul 23, 20257 min read
AI Security

Tool Poisoning Attacks: How Malicious Instructions Hide I...

AI agent tools can hide invisible instructions attackers use to steal data. Here's how tool poisoning attacks work and how Safeguard stops them.

Jul 22, 20256 min read
AI Security

Agent Skill Marketplaces as the Next Frontier for Supply ...

Agent skill marketplaces are repeating npm and PyPI's supply chain mistakes—except the malicious payload is often a sentence of instructions, not code. Here's what's already been exploited.

Jul 22, 20257 min read
AI Security

Prompt Injection vs Traditional Injection Attacks: A Tech...

SQL injection was solved by separating code from data. Prompt injection can't be, because in an LLM they share one channel. Here's the technical comparison, with real exploits and dates.

Jul 22, 20258 min read
AI Security

Why Autonomous Coding Agents Need Their Own Threat Model

Coding agents run with real credentials and no pause button. Here is the threat model that treats them as autonomous infrastructure, not junior developers.

Jul 21, 20257 min read
AI Security

How Malicious Payloads Get Smuggled Into Trusted AI Skill...

Attackers smuggle malicious payloads into trusted AI skill repositories via typosquats, staged fetches, and split-file obfuscation — here is exactly how it works.

Jul 20, 20258 min read
AI Security

Agentic AI Security Glossary: Tool Poisoning, Prompt Inje...

A precise glossary of agentic AI security terms — prompt injection, tool poisoning, model jailbreaking, excessive agency, and MCP rug pulls — with concrete attack examples.

Jul 20, 20258 min read
AI Security

Why Traditional SAST Tools Struggle to Analyze Agentic Co...

Agentic codebases build call graphs at runtime, defeating static analysis. Here's why SAST tools miss prompt injection and tool-schema risks—and how Safeguard closes the gap.

Jul 19, 20257 min read
AI Security

EchoLeak (CVE-2025-32711): The First Zero-Click LLM Exfiltration in Production

Aim Security's CVE-2025-32711 exfiltrated Microsoft 365 Copilot data via a single crafted email. The XPIA classifier failed, CSP let attackers through, and CVSS 9.3 followed.

Jun 24, 20256 min read
AI Security

EchoLeak (CVE-2025-32711): The First Zero-Click Production LLM Exfiltration

A single crafted email could exfiltrate data from Microsoft 365 Copilot without a user click. We walk the attack chain, the patch, and the lessons for agent operators.

Jun 19, 20256 min read
AI Security

What Is Prompt Engineering? A Security Guide for LLM Applications

Prompt engineering is how you steer an LLM, and it is also where a lot of application security now lives. Here is how to write prompts that resist injection and leakage.

Jun 11, 20256 min read
Agent Security

GitHub MCP Server Private-Repo Exfiltration: The May 2025 Invariant Labs Disclosure

Invariant Labs showed that a malicious GitHub Issue could hijack any MCP-connected agent into leaking private-repo contents. The architecture, not a bug, is the problem.

Jun 3, 20257 min read
prompt-injection (Page 10) — Safeguard Blog