LLM01:2025Prompt Injection
Slide 3 of 28
Part 1 · What Is It?Slide 3
Slide 3 · The Definition, Part 1
"User prompts alter the LLM's behavior in unintended ways."
The official OWASP definition — broken into pieces.
📄 OWASP LLM Top 10:2025 · LLM01
"A Prompt Injection Vulnerability occurs when user prompts alter the LLM's behavior or output in unintended ways."
Piece 1 — "User prompts"

A prompt is any text input the model receives. That includes what you type in a chat, what gets pulled from a document, what's retrieved from a database. The attacker's weapon is just text.

Piece 2 — "Alter the LLM's behavior"

The model was set up to do one thing. The injection makes it do something different.

→ A chatbot meant to answer FAQ questions starts sending emails
→ A summarizer meant to condense articles starts leaking private data
→ A coding assistant starts revealing its system prompt

Piece 3 — "Unintended ways"

The developer didn't intend for this. The injection exploited the gap between what the developer told the model to do and what the model will actually do when it reads something unexpected.

Full Sentence, Plain English

A prompt injection vulnerability exists when someone can type something — or hide something in content the AI reads — that makes the AI behave in ways the developer never planned for.

← BackNext → The invisible injection
📄 View sources for this lesson