Cybersecurity Student Explores Prompt Injection in AI Systems

The post is written by a cybersecurity student named Johanna, who describes prompt injection as a form of psychological manipulation for AI systems, contrasting it with traditional security controls like authentication and access layers. She explains direct attacks (sneaky prompts in conversations) and indirect attacks (hidden instructions in documents, emails, or PDFs that exploit retrieval-augmented generation (RAG) systems). The author shares personal testing experiences, including older jailbreaks like DAN prompts and newer techniques like authority framing, base64 encoding, and multi-turn persuasion. The article also outlines sandbox testing methods for red team exercises in isolated environments.