Prompt injection fundamentals: trust boundaries in agent systems

Prompt injection is the AI equivalent of SQL injection; trust boundaries must be explicit and tools must be isolated.

What AI does well here

• Map every untrusted input source reaching your prompts.
• Draft tool-call validation rules with named owners.

What AI cannot do

• Eliminate prompt injection risk entirely.
• Replace human review for high-impact tool calls.

Practice this safely

Use a small project example from your own work. The useful move is to compare the AI's draft against your goal, sources, and constraints before you trust it.

1. 1Ask AI to explain trust boundary in plain language, then underline anything that sounds uncertain or too broad.
2. 2Give it one detail from "Prompt injection fundamentals: trust boundaries in agent systems" and ask for two possible next steps plus one reason each step might be wrong.
3. 3Check indirect injection against a trusted source, teacher, adult, expert, or original document before you use it.