Interactive learning lab
Prompting techniques + Building with prompts · guide 7 of 8

The prompt-injection blast-radius lab

Security lab · BriefingScene 1 / 8

Assume hostile text eventually wins

Security comes from limiting consequences, not a stronger sentence in the prompt.

Assume hostile text eventually wins ready.

Predict
Inspect
Verify

Direct injection comes from the user; indirect injection arrives inside documents, pages, emails or tool results. Clear data boundaries help, but no prompt guarantees immunity. Least privilege, argument validation and approval gates carry the security model.

Untrusted content is an attack surface.
System prompts are not access control.
Design the compromised-model outcome.