Prompt Injection Attacks in Large Language Models and AI Agent Systems: A Comprehensive Review of Vulnerabilities, Attack Vectors, and Defense Mechanisms
Inha University in Tashkent · Tashkent State University of Law · +3 more institutions
Abstract
Large language models (LLMs) have rapidly transformed artificial intelligence applications across industries, yet their integration into production systems has unveiled critical security vulnerabilities, chief among them prompt injection attacks. This comprehensive review synthesizes research from 2023 to 2025, analyzing 45 key sources, industry security reports, and documented real-world exploits. We examine the taxonomy of prompt injection techniques, including direct jailbreaking and indirect injection through external content. The rise of AI agent systems and the Model Context Protocol (MCP) has dramatically expanded attack surfaces, introducing vulnerabilities such as tool poisoning and credential theft.…
Citation impact
- FWCI
- 186.45
- Percentile
- 100%
- References
- 9
Authors
9- SGSaidakhror GulyamovCorresponding
Inha University in Tashkent, Tashkent State University of Law, Tashkent State University of Economics, Westminster International University in Tashkent
- SGSaidakhror Gulyamov
Inha University in Tashkent, Tashkent State University of Law, Tashkent State University of Economics, Westminster International University in Tashkent
- SSSaid Saidakhrarovich GulyamovCorresponding
Inha University in Tashkent, Tashkent State University of Law, Tashkent State University of Economics, Westminster International University in Tashkent
- SSSaid Saidakhrarovich Gulyamov
Inha University in Tashkent, Tashkent State University of Law, Tashkent State University of Economics, Westminster International University in Tashkent
- ARAndrey Rodionov
Tashkent State University of Law
Topics & keywords
- Vulnerability (computing)
- Context (archaeology)
- Key (lock)
- Vulnerability assessment
- Threat model
- Vulnerability management