Not what you’ve signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection
1 Pith paper cites this work. Polarity classification is still indexing.
Fields: cs.CR (1)
Years: 2025 (1)
Verdicts: UNVERDICTED (1)
Representative citing papers:
Preventing Prompt Injection with Type-Directed Privilege Separation
Type-directed privilege separation converts untrusted inputs into restricted data types to systematically prevent prompt injection while retaining non-trivial utility in agentic systems.