Indirect Authority Claim in External Content - ATR-2026-00130 (9db7d712-d42f-5c7f-9b12-a276a816a1e7)
Detects authority-claiming patterns embedded in external content (documents, tool responses, web pages) that address the AI agent directly. Unlike direct prompt injection (ATR-2026-001), these use softer authority language: "Note to AI", "Attention AI", "Important for the assistant" combined with corrective directives like "the previous analysis was incorrect" or "please recalculate". These bypass ATR-2026-002's injection patterns because they don't use explicit override language — instead they leverage implied authority to redirect agent behavior. Discovered via Autoresearch v0 adversarial testing (100% miss rate, 31/31 samples).