Skip to content
ATR-2026-00080highPrompt Injectiondraft

Encoding-Based Prompt Injection Evasion

Detects prompt injection attempts that use encoding techniques to bypass text-based detection rules. Attackers encode malicious payloads using base64, hex, Unicode escapes, Punycode, or RTL override characters to smuggle instructions past regex-based filters.

Severity
high
Category
Prompt Injection
Scan Target
mcp
Author
ATR Community (MiroFish Predicted)

Response Actions

block inputalertescalatesnapshot

References

MITRE ATLAS
AML.T0051
View full YAML on GitHub →

More Prompt Injection Rules

ATR-2026-00001highDirect Prompt Injection via User InputATR-2026-00002highIndirect Prompt Injection via External ContentATR-2026-00003highJailbreak Attempt DetectionATR-2026-00004criticalSystem Prompt Override AttemptATR-2026-00005mediumMulti-Turn Prompt Injection