Prompt Injection
Filed under
2 posts
Prompt Injection via Your Own Docs: The RAG Attack Surface
Your knowledge base is untrusted input. Retrieval hands attacker-authored text to the model, so the control that pays off is scanning at ingestion time.
Bedrock Guardrails Won't Save You From Prompt Injection
Amazon Bedrock Guardrails filter content, they do not authorize actions. Real prompt injection defense is input isolation, tool allowlists, and IAM scoping.