Loading collection...
Loading collection...
Vocabulary for treating external content cautiously and limiting what AI systems are allowed to do

an attempt to make a model follow adversarial instructions that conflict with the intended task or policy
“The assistant ignored a prompt injection that asked it to reveal private records.”

adversarial instructions hidden in external content that a model reads through browsing, retrieval, files, or tools
“A webpage contained an indirect prompt injection telling the research agent to upload its notes.”

the unintended disclosure of hidden instructions, private context, or other prompt contents
“The red-team test checked whether a user could trigger prompt leakage from the support bot.”

data from a source that is not authorized to issue instructions and may be inaccurate or malicious
“The agent treated text retrieved from public comments as untrusted content, not commands.”

a policy or technical control that limits unsafe, unauthorized, or out-of-scope behavior
“A spending guardrail blocked purchases above the approved amount.”

an isolated environment that restricts a program's access and limits the impact of mistakes
“The coding agent ran the unknown script in a sandbox without production credentials.”

the security principle of granting only the permissions needed for a specific task
“Least privilege let the assistant read the calendar but not delete events.”

matching an AI system's freedom to act with the task's risk, reversibility, and uncertainty
“Autonomy calibration allowed automatic tagging but required approval before account closure.”
Explore other vocabulary categories in this collection.