Tag

#ai-security

1 article tagged #ai-security. See all tags →

The New Prompt Injection Attack Surface: MCP, Tools, and Your Browser
Tech··12 min

The New Prompt Injection Attack Surface: MCP, Tools, and Your Browser

Prompt injection is the SQL injection of the AI era, except worse. SQLi has a clean fix. Indirect prompt injection doesn't, because an LLM reads instructions and untrusted data through the same channel with no reliable way to tell them apart. OWASP ranks it the number one risk in AI applications, and the numbers back that up.

prompt-injectionai-securitymcp