Retrieval Content Crafting
Adversaries may write content designed to be retrieved by user queries and influence a user of the system in some way. This abuses the trust the user has in the system. The crafted content can be combined with a prompt injection. It can also stand alone in a separate document or email. The adversary must get the crafte
- Framework
- MITRE ATLAS
- Maturity
- Demonstrated
- Platforms
- Generative AI, Agentic AI
- Release
- 2026.05
Overview
Adversaries may write content designed to be retrieved by user queries and influence a user of the system in some way. This abuses the trust the user has in the system.
The crafted content can be combined with a prompt injection. It can also stand alone in a separate document or email. The adversary must get the crafted content into the victim\u0027s database, such as a vector database used in a retrieval augmented generation (RAG) system. This may be accomplished via cyber access, or by abusing the ingestion mechanisms common in RAG systems (see RAG Poisoning).
Large language models may be used as an assistant to aid an adversary in crafting content.