Prompt Injection: Threat Taxonomy

How prompt-injection attacks actually arrive: direct vs indirect, document/web/email/multimodal carriers, tool-result injection, exfiltration via tool chains, memory poisoning, confused deputy patterns. The dangerous attacks are indirect — this page tells you which surfaces deliver them.