Skip to content
ATR-2026-00081criticalPrompt Injectiondraft

Semantic Evasion via Multi-Turn Prompt Injection

Detects multi-turn prompt injection attacks that use semantic manipulation to bypass regex-based detection. Attackers split malicious instructions across multiple turns, use synonyms and paraphrasing, or embed instructions within seemingly benign conversational context to evade pattern matching.

嚴重度
critical
類別
Prompt Injection
掃描目標
mcp
作者
ATR Community (MiroFish Predicted)

建議回應

block inputquarantine sessionalertescalatekill agent

參考資料

MITRE ATLAS
AML.T0051
在 GitHub 上查看完整 YAML →

更多 Prompt Injection 規則

ATR-2026-00001highDirect Prompt Injection via User InputATR-2026-00002highIndirect Prompt Injection via External ContentATR-2026-00003highJailbreak Attempt DetectionATR-2026-00004criticalSystem Prompt Override AttemptATR-2026-00005mediumMulti-Turn Prompt Injection