There are 4 attacks in the injection category. Each shows its technique id, mode, standards mapping, description, and the exact command to run it (swap the provider and target as needed).
Indirect Injection
critical
indirect-injection · single-turn · OWASP: LLM01 · MITRE: AML.T0051.001Simulate tool output containing hidden instructions to hijack model behaviorRun it:
ai-blackteam run -p anthropic -a indirect-injection -t "your target prompt"
SQL Injection
high
sql-injection · single-turn · OWASP: LLM01 · MITRE: AML.T0051Inject SQL payloads through natural language queries to test output sanitizationRun it:
ai-blackteam run -p anthropic -a sql-injection -t "your target prompt"
SSRF Probing
high
ssrf-probing · single-turn · OWASP: LLM01 · MITRE: AML.T0051Trick model into making requests to internal URLs and cloud metadata endpointsRun it:
ai-blackteam run -p anthropic -a ssrf-probing -t "your target prompt"
XSS Injection
medium
xss-injection · single-turn · MITRE: AML.T0051.000, AML.T0067Get model to generate HTML containing cross-site scripting payloadsRun it:
ai-blackteam run -p anthropic -a xss-injection -t "your target prompt"