Infosec glossary
Prompt Injection
Prompt injection became a core AI security term because language-based systems can be manipulated in ways that look different from traditional input handling problems. The term is useful when it clearly describes instruction override, context manipulation, and unintended model behavior.
Why prompt injection matters
Language models process instructions and data through the same general medium: text or semantically interpretable input. That creates a unique problem where hostile or misleading input can compete with or override intended instructions.
This is why prompt injection matters in AI security. The issue is not only model output quality. It is the security risk created when the system treats malicious input as valid instruction context.
How the attack is usually described
Prompt injection is usually described through direct or indirect instruction manipulation. In a direct case, the adversary inserts instructions openly. In an indirect case, the malicious input is embedded in content the system later processes, such as documents, web pages, or workflow inputs.
That distinction helps the term stay precise, especially in agent and retrieval-connected systems where the model is consuming outside content as part of the task.
- Direct instruction override
- Indirect prompt manipulation through content
- Unintended data or behavior exposure
- Risk in agents, assistants, and retrieval workflows
How to explain prompt injection clearly
The cleanest explanation of prompt injection names the instruction problem first. The attack is about getting the system to follow the wrong semantic path, not just about “asking a bad question.”
That also helps separate prompt injection from broader AI risk categories such as model misuse, governance gaps, or unsafe output quality.
Related reading
The term is clearer when the nearby language is clear too.
Use the pages below when you need adjacent terms, category context, or a longer explanation instead of leaving the definition to stand on its own.
Adjacent terms
Further reading
Sources used to check the definition and terminology
Guides
Where the definition expands into a longer explanation
A practical pre-publish review process for cybersecurity content covering terminology, claims, audience fit, proof, structure, and trust.
Cybersecurity Content Examples: What Good Looks LikeA practical guide to the traits that separate strong cybersecurity content from generic B2B copy, with examples of what to aim for across common asset types.