Prompt injection has been characterized by OWASP as one of the most critical vulnerability in LLM-based applications. Traditionally, it has been considered in the context of jailbreaking or generating offensive content. However, with the evolution of LLMs from simple chatbots to more intelligent agents that can execute API calls, interact with databases, or even execute shell commands, the threat model associated with this type of vulnerability is entirely different. This paper presents a new model for characterizing the potential of prompt injection attacks as a type of initial vector in a complex cyberattack model. By synthesizing the research associated with the OWASP Top 10 vulnerabilities for LLMs, IBM's research on the risks associated with prompt injection attacks.

Алкоуни А.М. (науч. рук. Савков С.В.) From vulnerability to vector: how prompt injection enables broader cyber threats in llm-integrated systems // Сборник тезисов докладов конгресса молодых ученых. Электронное издание. – СПб: Университет ИТМО, [2026]. URL: https://kmu.itmo.ru/digests/article/17859