https://carney.wiki/tags/prompt-injection/Recent content in Prompt Injection on carney.wikiHugo -- gohugo.ioenThu, 05 Feb 2026 00:00:00 +0000https://carney.wiki/blog/prompt-injection-has-left-the-chatbot/Thu, 05 Feb 2026 00:00:00 +0000https://carney.wiki/blog/prompt-injection-has-left-the-chatbot/Prompt injection did not suddenly become dangerous. We connected it to systems that matter. For years, prompt injection was treated as a curiosity: a way to make a chatbot ignore rules, leak instructions, or say something awkward. Interesting for demos. Annoying in production. Easy to dismiss as a model behavior problem. That framing is obsolete. The recent reporting around ServiceNow AI agent vulnerabilities should make the shift clear. This is not just about a model getting confused.https://carney.wiki/blog/how-prompt-injection-attacks-actually-work/Wed, 10 Dec 2025 00:00:00 +0000https://carney.wiki/blog/how-prompt-injection-attacks-actually-work/Prompt injection is not a clever chatbot trick anymore. It is one of the core security problems in AI systems. The reason is uncomfortable: large language models do not reliably separate instructions from data. They interpret text. That text may come from a user, a document, a webpage, a support ticket, an email, a retrieved knowledge base article, or another AI system. To a human, some of that text is obviously content.