OASB
Attacks/Prompt Injection/PI-011
HIGHCWE-74

PI-011 Nested Context Injection

Prompt InjectionAttempts to manipulate agent behavior via malicious input

Description

Injects via nested JSON/XML contexts

Remediation

Parse user data as data only. Never interpret fields as instructions.

Severity

HIGH

OASB Control

3.3

CWE

CWE-74

Run this test

$ npx hackmyagent attack --payload PI-011
PreviousPI-010 Unicode/Homoglyph AttackNextPI-012 Hypothetical Instruction