Spotlighting

Type: mitigation

Description: A defense mechanism that uses prompt engineering techniques to avoid indirect or direct prompt injection by highlighting the query

Version: 0.1.0

Created At: 2025-06-19 08:13:23 -0400

Last Modified At: 2025-06-19 08:13:23 -0400

External References

• Defending Against Indirect Prompt Injection Attacks With Spotlighting, arXiv

Related Objects

• --> ChatGPT (platform): Evaluation of the above mitigation strategies leveraged GPT 3.5 and GPT 4.
• <-- LLM Prompt Injection (technique): By spotlighting in prompts, the LLM focuses on a specific part of the query that defines the task, thus avoiding other injected tasks.

Related Frameworks