# markdown

8 articlestagged with “markdown”

Markdown Image Injection

Injecting markdown image tags with attacker-controlled URLs to exfiltrate conversation data via HTTP image requests.

exfiltrationmarkdownimage-injectiondata-theftagent-security

Lab: Delimiter Injection Attacks

Craft payloads that exploit XML, markdown, and special token delimiters to break instruction boundaries and manipulate how LLMs parse system prompts versus user input.

labdelimiter-injectionprompt-injectionxmlmarkdownbeginner

Beginner

Markdown Rendering Exfiltration

Exploit Markdown rendering in chat UIs to exfiltrate data through image tags and links.

labsmarkdownexfiltrationrenderingbeginner

Beginner

Lab: Data Exfiltration Channels

Hands-on lab for extracting data from AI systems through markdown image rendering, invisible links, tool call parameters, and other covert exfiltration channels.

labdata-exfiltrationcovert-channelsmarkdownintermediate

Intermediate

Lab: Markdown-Based Injection

Hands-on lab exploring how Markdown rendering in AI-generated outputs can be exploited to inject hidden content, exfiltrate data through image tags, and manipulate displayed information.

labmarkdowninjectionrenderingexfiltration

Intermediate

Delimiter-Based Attacks

Exploiting XML, markdown, JSON, special token boundaries, and structured formatting to escape input sandboxes and inject instructions at elevated privilege levels.

prompt-injectiondelimitersxmlmarkdownspecial-tokensboundary-attacks

Intermediate

Code Injection via Markdown

Injecting executable payloads through markdown rendering in LLM outputs, exploiting the gap between text generation and content rendering in web-based LLM interfaces.

prompt-injectionmarkdowncode-injectionxssred-teamingintermediate

Intermediate

Advanced Markdown Injection Walkthrough

Inject Markdown that triggers data exfiltration through image rendering, link generation, and code block escape.

walkthroughsmarkdowninjectionrendering

Intermediate