• SHASWAT VIMAL DARJI
• MANSI MEHTA
• BHAVANA HOTCHANDANI

The rapid integration of Large Language Models (LLMs) into enterprise systems has introduced novel security risks, particularly through prompt injection attacks. While previous work has primarily explored jailbreaks and high-skill adversarial attacks, recent studies reveal that even low-skill, indirect prompt injections— requiring minimal technical expertise—can exploit LLM-integrated workflows in real-world enterprise environments. This paper surveys the current landscape of LLM security, with a focus on prompt injection vectors and their implications in enterprise deployments. Through a structured literature review, we identify a critical gap: the lack of targeted defenses against low-effort, indirect attacks that leverage benign-looking content inputs such as web pages, emails, or third-party documents. These inputs, often trusted implicitly by enterprise systems, can covertly manipulate LLM behavior, leading to misinformation, unauthorized actions, or data exposure. We conclude by outlining the motivation for a novel, context-aware input sanitization framework aimed at mitigating these attacks.

LLMS, Prompt Injection, Indirect Prompt Injection, RAG, Adversary

"Low-Skill Indirect Prompt Injection in Enterprise LLMs: Risks and Problem Framing", International Journal of Emerging Technologies and Innovative Research (www.jetir.org), ISSN:2349-5162, Vol.12, Issue 12, page no.194-198, December-2025, Available :http://www.jetir.org/papers/JETIRHE06024.pdf

"Low-Skill Indirect Prompt Injection in Enterprise LLMs: Risks and Problem Framing", International Journal of Emerging Technologies and Innovative Research (www.jetir.org | UGC and issn Approved), ISSN:2349-5162, Vol.12, Issue 12, page no. pp194-198, December-2025, Available at : http://www.jetir.org/papers/JETIRHE06024.pdf