Skip to content

Enhance description and consequences of prompt injection issue#162

Open
cablepull wants to merge 1 commit into
CWE-CAPEC:mainfrom
cablepull:patch-1
Open

Enhance description and consequences of prompt injection issue#162
cablepull wants to merge 1 commit into
CWE-CAPEC:mainfrom
cablepull:patch-1

Conversation

@cablepull

Copy link
Copy Markdown
Collaborator

Expanded the description of the improper neutralization issue and detailed potential consequences and mitigations related to AI prompt construction.

Expanded the description of the improper neutralization issue and detailed potential consequences and mitigations related to AI prompt construction.
@gigako1981

Copy link
Copy Markdown

Owner GIORGI MESKHIDZE ``

@Caseit1987

Copy link
Copy Markdown
Collaborator

This PR describes prompt injection — which is one manifestation of a larger class I've defined as Emergent Trust Boundary Violation (ETBV). I've submitted ETBV as a new CWE and it's currently under review. The pattern here is: trust boundaries collapse when emergent state (user-supplied prompt) is treated as trusted. My framework (ETB AAV LayerZero) blocks this at the architectural level. I'd recommend we close this PR in favor of the broader ETBV classification — otherwise we'll keep filing individual CWEs for every AI interaction pattern (prompt injection, context manipulation, role hijacking, etc.). Happy to collaborate on a unified submission

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants