🚧 This repository is in active development. Contributions and feedback are welcome! 🚧
This repository provides a structured taxonomy of prompt injection attacks, categorizing different types of attack intents, techniques, and evasions. It serves as a resource for security researchers, AI developers, and red teamers working to understand and mitigate the risks associated with prompt injection in AI-driven applications.
The taxonomy is organized into the following key areas:
- Intents - Describes the goals and objectives that attackers aim to achieve through prompt injection.
- Techniques - Details the various methods and approaches used to execute prompt injection attacks.
- Evasions - Covers the methods used to hide, obfuscate, or avoid detection of prompt injection attacks.
- [LLM DevOps Infrastructure Security Assessment Table](/ecosystem/README.md) - A structured assessment framework for evaluating the security of AI-enabled infrastructures.
- [Example Probes for AI-Enabled Forms & Endpoints](/probes.md) - A curated list of example probes to help identify AI-enabled web forms and endpoints in applications.
Each folder contains individual Markdown files with detailed descriptions of specific components within each category. The taxonomy is designed to be clear, structured, and easy to navigate.
✅ Security researchers analyzing LLM vulnerabilities
✅ Red teams assessing AI-driven applications
✅ Developers securing AI-powered systems
✅ Academics & enthusiasts studying adversarial AI
This project is actively evolving! Contributions, corrections, and additions are encouraged. Please follow the repository’s contribution guidelines to submit new findings or improvements.
This work is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) License.