Prompt Injection Defense Weekly

Trust-Level Tagging: The Zero-Cost First Line Against Indirect Injection

Indirect injection — malicious instructions hidden in RAG docs, emails, and tool outputs — is the attack vector hitting production agents in 2026. This week's defense: wrap every untrusted content segment in explicit XML trust-boundary tags so the model treats external data as data, not commands. Zero token cost, ships in five minutes, and gives every downstream layer a defined anchor point.