Indirect Prompt Injection in Web Browsing Agents
---
title: "Indirect Prompt Injection in Web-Browsing Agents"
url: "https://www.promptfoo.dev/blog/indirect-prompt-injection-web-agents/"
date: "2026-02-06"
feed_url: "https://www.promptfoo.dev/blog/rss.xml"
---
Test if AI browsing agents follow malicious instructions or leak data with the indirect-web-pwn strategy.when to use it
Community prompt sourced from the open-source GitHub repo api-evangelist/prompt-foo (no explicit license). A "Indirect Prompt Injection in Web Browsing Agents" style prompt — adapt the placeholders and specifics to your task. Imported as-is and not independently retested here, so check the output before relying on it.
tags
businesscommunitygeneral
source
api-evangelist/prompt-foo · no explicit license