R-AI-R — Resilience AI Readiness

When AI is manipulated: understanding prompt injection and how to protect against it

A public article about prompt injection, AI agents, MCP and defense-in-depth measures, current as of May 20, 2026.

Published May 20, 2026 · Knowledge status: May 20, 2026 · 14 min read

Prompt injectionAI securityAI agentsMCPGovernance

Why this risk matters

An AI system connected to documents, the web or tools can encounter instructions placed by a third party. Without a reliable separation between data and applicable instructions, it can ignore the user request or steer an action.

What R-AI-R contributes

R-AI-R turns the issue into a reproducible clean/challenge test: the same task is run on a source-of-record artifact and a covertly perturbed artifact, then outputs are compared for causal divergence.

What organizations should remember

The practical response combines least privilege, source separation, human validation, logging, adversarial testing and governance. R-AI-R does not replace these controls; it provides a public, verifiable checkpoint.

R-AI-R

A minimal, public and reproducible standard for testing AI resilience against adaptive business-safety perturbations.