prompt-injection
Safeguard articles tagged "prompt-injection" — guides, analysis, and best practices for software supply chain and application security.
127 articles
Red-Teaming AI Applications: A Field Guide
You cannot secure an LLM application by reading its code alone. You have to attack it the way an adversary will — with language, with poisoned content, and with the goal of making it do something it should not. Here is how to run an AI red team.
Integrating AI Tools Without Expanding Your Attack Surface
Stanford researchers found developers using AI coding assistants wrote more security bugs — and felt more confident in them. Here's how to adopt AI safely.
OWASP Top 10 for LLM Applications: A Practical Walkthrough
OWASP's 2025 LLM Top 10 added three new categories in one revision — here's what changed, why, and concrete mitigation patterns for each risk.
Prompt injection in AI coding assistant system prompts
Copilot, Cursor, and Windsurf all read untrusted repo text into the same channel as trusted instructions — three 2025 CVEs show what happens next.
Prompt injection via AI agent CI/CD workflow tampering
A single malicious PR title was enough to make three major AI coding agents leak API keys straight out of a GitHub Actions runner.
Protestware via prompt injection: when maintainers target AI agents
jqwik 1.10.0 shipped a hidden instruction telling AI coding agents to delete their own tests, then erased it from the terminal with ANSI codes — protestware built for agents, not humans.
What agentic coding environments reveal about developer risk
Snyk analyzed nearly 10,000 real developer environments and found 43% run 2+ AI coding tools at once — with MCP servers and skills quietly widening the attack surface.
LLM Jailbreak Prevention: A Defense-in-Depth Playbook
A jailbreak is not the same thing as a prompt injection, and conflating them leads to defenses that miss. Here is how modern jailbreaks actually work and the layered controls that hold the line.
Prompt Injection Prevention: A Defense-in-Depth Guide
Prompt injection is the top risk on the OWASP list for LLM applications for a reason: there is no single patch. Preventing it means layering controls around a model that cannot reliably tell instructions from data.
AI Agent Tool-Use Security: Locking Down What Agents Can Do
The moment you give an LLM tools, it stops being a chatbot and becomes an actor in your systems. Tool-use security is about making sure a compromised agent hits a wall instead of a credential.
RAG Security Best Practices for 2026
Retrieval-augmented generation wired an untrusted-content pipeline straight into your model's context window. Here are the practices that keep a poisoned document or a leaked chunk from becoming an incident.
Clinejection: prompt injection turns AI coding bot into supply chain attack
A prompt-injected GitHub issue title hijacked Cline's AI triage bot, poisoned its build cache, and pushed a malicious npm release to 4,000 developers.