Anatomy of an Indirect Prompt Injection
www.fogel.dev
Why ordinary-looking emails, comments, and diagrams can hijack LLMs

A breakdown of indirect prompt injection attacks using real-world cases (emails, code comments, diagrams). Introduces the CFS model (Context, Format, Salience) to explain what makes some payloads more likely to succeed. Comments