Techniqueresource-developmentATLAS

AML.T0066Retrieval Content Crafting

What it is

Adversaries may write content designed to be retrieved by user queries and influence a user of the system in some way. This abuses the trust the user has in the system. The crafted content can be combined with a prompt injection. It can also stand alone in a separate document or email. The adversary must get the crafted content into the victim\u0027s database, such as a vector database used in a retrieval augmented generation (RAG) system. This may be accomplished via cyber access, or by abusing the ingestion mechanisms common in RAG systems (see [RAG Poisoning](/techniques/AML.T0070)). Large language models may be used as an assistant to aid an adversary in crafting content.

References

  1. https://atlas.mitre.org/techniques/AML.T0066

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

ATLAS
RAG Poisoning
ATLAS
LLM Prompt Crafting
ATLAS
False RAG Entry Injection
ATLAS
AI Agent Tool Data Poisoning
ATLAS
LLM Trusted Output Components Manipulation
ATLAS
RAG Credential Harvesting
Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.