| Search Open Sources | Commercial License Abuse | RAG Poisoning | Prompt Injection | Resource Poisoning | Jailbreaking | Indirect Data Access | Retrieval Tool Credential Harvesting | Delimiters and Special Character Extraction | Shared Resource Poisoning | RAG Data Harvesting | Search Index C2 | Granular Clickable Link Rendering | Citation Manipulation |
| Active Scanning | Prompt Crafting | Retrieval Tool Poisoning | Off-Target Language | Thread Infection | Crescendo | Distraction | RAG Credential Harvesting | Whoami | Message Poisoning | Memory Data Hording | Public Web C2 | Granular Web Request Triggering | AI Social Engineering |
| Search Closed Sources | Prompt Stabilizing | Targeted RAG Poisoning | System Instruction Keywords | Memory Infection | Off-Target Language | Citation Silencing | | Failure Mode Mapping | | User Message Harvesting | | Web Request Triggering | Mutative Tool Invocation |
| Finding RAG-Indexed Targets | | Compromised User | | | System Instruction Keywords | Blank Image | | Embedded Knowledge Exposure | | Retrieval Tool Data Harvesting | | Clickable Link Rendering | |
| | Web Poisoning | | | | Conditional Execution | | System Instructions Extraction | | Thread History Harvesting | | Write Tool Invocation | |
| | Guest User Abuse | | | | URL Familiarizing | | Tool Definition Discovery | | | | Image Rendering | |
| | User Manipulation | | | | Delayed Execution | | | | | | | |
| | | | | | ASCII Smuggling | | | | | | | |
| | | | | | RAG Injection | | | | | | | |
| | | | | | These Aren't The Droids | | | | | | | |