Skip to content
ATR-2026-00091criticalPrompt Injectiondraft

Advanced Structured Data Injection with Nested Payloads

Detects advanced structured data injection where malicious prompts are deeply nested within complex JSON objects, multi-level CSV structures, or encoded within data serialization formats. These attacks exploit parser differences between security scanners and the target LLM to smuggle payloads through schema validation layers.

Severity
critical
Category
Prompt Injection
Scan Target
mcp
Author
ATR Community (MiroFish Predicted)

Response Actions

block inputquarantine sessionalertescalatekill agent

References

MITRE ATLAS
AML.T0051
View full YAML on GitHub →

More Prompt Injection Rules

ATR-2026-00001highDirect Prompt Injection via User InputATR-2026-00002highIndirect Prompt Injection via External ContentATR-2026-00003highJailbreak Attempt DetectionATR-2026-00004criticalSystem Prompt Override AttemptATR-2026-00005mediumMulti-Turn Prompt Injection