7 min read
Vulnerabilities RAG pipelines introduce document poisoning, indirect prompt injection via retrieved content, and semantic access control gaps that most security teams have not assessed.
RAG pipelines introduce document poisoning, indirect prompt injection via retrieved content, and semantic access control gaps that most security teams have not assessed.
How injected instructions in tool outputs can escalate an agent's effective permissions, exfiltrate data, and pivot to internal services — a novel attack class for agentic AI.
A UK law firm's misconfigured AI document assistant was exploited to systematically extract privileged client communications and M&A due diligence files over six weeks.
How malicious content in external data sources can hijack agent behaviour in LangChain, LlamaIndex, and AutoGen-style agents via indirect prompt injection through tool responses.