Google DeepMind has developed an ongoing process to counter the continuously evolving threat from Agentic AI’s bete noir: adaptive indirect prompt injection attacks.
Indirect prompt injection (IPI) attacks are a serious threat to agentic AI. They interfere with the inference stage of AI operation – that is, IPI attacks influence the response from the model to the benefit of the attacker. The attacker requires no direct access to the models’ learning data – indeed, the attacker neither has nor needs any knowledge of the internal workings, probabilities, or gradients of the model – but instead relies on agentic AI’s intrinsic ability to autonomously learn from other tools.
