{"title":"Context Poisoning: RAG Injection Guardrails","region":"Global","category":"Security","description":"Preventing 'Indirect Prompt Injection' via retrieved documents.","lastUpdated":"2026-02-23","steps":["Sanitize retrieved chunks for 'Ignore previous instructions' patterns.","Isolate system instructions from RAG context using delimiters.","Implement a 'Pre-Ingestion' LLM filter to flag instruction-like text.","Use a 'Read-Only' persona for agents processing untrusted RAG data.","Sign and verify the origin of all documents in the vector store."],"url":"https://checklist.day/context-poisoning-rag-injection"}