CAPTURE: Context-Aware Prompt Injection Testing and Robustness Enhancement

Add code
May 18, 2025
Gauri Kholkar, Ratinder Ahuja
Figure 1 for CAPTURE: Context-Aware Prompt Injection Testing and Robustness Enhancement
Figure 2 for CAPTURE: Context-Aware Prompt Injection Testing and Robustness Enhancement
Figure 3 for CAPTURE: Context-Aware Prompt Injection Testing and Robustness Enhancement
Figure 4 for CAPTURE: Context-Aware Prompt Injection Testing and Robustness Enhancement

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Prompt injection remains a major security risk for large language models. However, the efficacy of existing guardrail models in context-aware settings remains underexplored, as they often rely on static attack benchmarks. Additionally, they have over-defense tendencies. We introduce CAPTURE, a novel context-aware benchmark assessing both attack detection and over-defense tendencies with minimal in-domain examples. Our experiments reveal that current prompt injection guardrail models suffer from high false negatives in adversarial cases and excessive false positives in benign scenarios, highlighting critical limitations.

* Accepted in ACL LLMSec Workshop 2025  
View paper onarxiv icon

Share this with someone who'll enjoy it:

Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon