Hiding in Plain Floats: Steganographic Carriers for Indirect Prompt and Content Injection 事件

Hiding in Plain Floats: Steganographic Carriers for Indirect Prompt and Content Injection arXiv:2606.08403v1 Announce Type: cross Abstract: Text-centered prompt-injection defenses assume that the malicious signal is visible in one of the inspected text views. We study a reproducible LLM01-style indirect prompt/content-injection failure mode where that assumption breaks: a payload caught in plain English slips past the same detector when it is transported as structured float parameters and recon