← all writeups
AI

Prompt Injection in Agentic Workflows

Jan 10, 2026 · 8 min · by Abhishek Bhaskar (Abhi HackZ)

Starter/example post — replace with your real content.

Tool-calling agents are a new, soft attack surface. If an agent reads untrusted content (a web page, a file, an email) and can also call tools, an attacker can smuggle instructions into that content and hijack the agent's actions.

What I test for

Defenses that actually help

Abhishek Bhaskar (Abhi HackZ)
Security Analyst & VAPT Engineer
Book a free 30-min security scoping call →