- 官方注入与工具误用主轴:OpenAI
Safety in building agents/Prompt injection best practices/Designing AI agents to resist prompt injection/Operator System Card - 分层防御与最小权限主轴:Anthropic
Mitigate jailbreaks and prompt injections/Securely deploying AI agents/Computer use、OpenAIInstruction Hierarchy - 企业运行时防护主轴:Google
Model Armor/AI security and safety、MicrosoftPrompt Shields/Prompt Injection Attacks - 协议与策略控制主轴:MCP
Security Best Practices、OWASPLLM01 Prompt Injection/LLM08 Excessive Agency - 状态污染与攻击链分析主轴:
Make Agent Defeat Agent、PoisonedRAG - Benchmark 与本章落点主轴:
Indirect Prompt Injection、AgentDojo、Agent Security Bench、AI Agents Under Threat,共同支撑“这四类风险本质上是一条可串联的自动化失效链”
附录 G:分章资料清单