The Clever Hidden Payload
ArchiveEasy
When the malicious instructions are not in the user's query but embedded in a document, web page, or email that a RAG agent retrieves, the attack class has a one-word adjective distinguishing it from the direct kind. Flag format: CONGRESS{adjective}. Example: CONGRESS{lateral}.
Show hint
A synonym of 'roundabout'.
Archive — no submissions accepted
This challenge is preserved for reference. Play live challenges at /challenges.