LLM Application Security Specialist Diagnostic

A focused diagnostic for practitioners building or securing LLM-powered applications, RAG systems, and agentic workflows.

60 q · 75m

Question 1 of 602%

prompt injection context security

A user asks the assistant to summarize a webpage. The webpage contains hidden instructions to create a ticket and assign it to the security team. What is the correct handling?

The assistant has access to a ticket-drafting tool. The user only requested a summary, not ticket creation.

A. Honor the user's requested task scope, treat hidden webpage instructions as untrusted and do not create.B. Create the ticket because the webpage text is part of the user's requested contextC. Ask the model whether the hidden instruction is important enough to follow.D. Create the ticket if the hidden instruction contains security-related words.