Definition
The malicious manipulation of a RAG pipeline's vector database or an agent's environment by injecting adversarial data designed to subvert retrieval quality or compromise model reasoning. Protecting against this necessitates a trade-off between rigorous data sanitization (which increases indexing latency) and system openness.
Distinguished from prompt injection as it targets the external knowledge source or retrieved context rather than the direct user prompt.
"Polluting a town's water reservoir to ensure every tap in the city serves contaminated water, regardless of how clean the internal plumbing is."
- Adversarial Robustness(Prerequisite)
- Vector Database(Targeted Component)
- Retrieval-Augmented Generation (RAG)(Vulnerable Architecture)
- Prompt Injection(Complementary Attack Vector)
Conceptual Overview
The malicious manipulation of a RAG pipeline's vector database or an agent's environment by injecting adversarial data designed to subvert retrieval quality or compromise model reasoning. Protecting against this necessitates a trade-off between rigorous data sanitization (which increases indexing latency) and system openness.
Disambiguation
Distinguished from prompt injection as it targets the external knowledge source or retrieved context rather than the direct user prompt.
Visual Analog
Polluting a town's water reservoir to ensure every tap in the city serves contaminated water, regardless of how clean the internal plumbing is.