Hunting the Invisible: Indirect Prompt Injection in Python Pipelines
- Track:
- Testing, Quality Assurance, Security
- Type:
- Talk
- Level:
- intermediate
- Room:
- S4
- Start:
- 15:10 on Thursday, 16 July 2026
- End:
- 15:40 on Thursday, 16 July 2026
- Duration:
- 30 minutes
Abstract
AI agents are no longer just generating text, they are reading PDFs, scraping websites, calling APIs, and taking autonomous actions inside our Python applications. But what happens when the documents they read are malicious?
In this talk, we’ll explore indirect prompt injection, a subtle but major attack where hidden instructions embedded in PDFs, HTML pages, or external data sources hijack an AI system’s behavior. Unlike classic prompt injection, this attack doesn’t come from the user, it comes from the data your Python pipeline trusts.