Definition
Prompt injection
A class of attack where malicious input alters an AI model's behavior in ways the system designer did not intend. OWASP categorizes it as LLM01:2025 and considers it the most fundamental vulnerability in agentic AI systems. The attack is particularly dangerous when the model has tool access — a successfully injected instruction can cause the agent to exfiltrate data, call external services, or execute destructive operations using the agent's existing permissions.
How TrustSkills detects this
TrustSkills scans OpenClaw and ClawHub skills for prompt injection patterns before you install them. The scanner returns plain-English findings — no CVE IDs, no security jargon — with a risk level and a clear explanation of what was found.
Related terms
Direct prompt injection
A prompt injection attack where the attacker places malicious instructions directly in the input sen…
Indirect prompt injection
A prompt injection attack where malicious instructions are embedded in external content that the age…
Tool poisoning
An attack where a malicious MCP server or skill defines tool names that shadow or intercept calls in…
Deep dive
Basic knowledge
What is prompt injection?
Prompt injection is not just a clever string. It is any input that changes a model's behavior in a way the system designer did not intend, especially when the model can reach tools, data, and accounts.