A practical lab · about 19 minutes
Interactive learning lab
Prompting techniques + Building with prompts · guide 7 of 8
The prompt-injection blast-radius lab
0/7 core signals
Saved only on this device
Security lab · BriefingScene 1 / 8
Assume hostile text eventually wins
Security comes from limiting consequences, not a stronger sentence in the prompt.
Assume hostile text eventually wins ready.
Predict
Inspect
Verify
Direct injection comes from the user; indirect injection arrives inside documents, pages, emails or tool results. Clear data boundaries help, but no prompt guarantees immunity. Least privilege, argument validation and approval gates carry the security model.
Untrusted content is an attack surface.
System prompts are not access control.
Design the compromised-model outcome.