What is prompt injection and why is it the number one agent security threat?

Answer

Prompt injection is an attack where adversarial input causes an agent to deviate from its intended behavior — ignoring its system prompt, executing unauthorized actions, or leaking confidential information. It's the top threat because: agents process untrusted user input by design, there's no reliable way to fully separate instructions from data in natural language, and a successful injection can turn an agent into an insider threat with legitimate credentials. Defense requires layered detection (pattern matching, behavioral analysis, output monitoring) — no single technique is sufficient.