Latent Injection in Retrieved Document / RAG Context - ATR-2026-00265 (ee63da19-ff50-5337-a9aa-b94b2aa71f2e)
Detects prompt injection embedded inside documents, PDFs, emails, or web pages that the agent retrieves and processes (RAG / tool-use context). Unlike translation injection (ATR-2026-00264) the payload rides inside passive content that the agent reads — resumes, reports, emails, web search results — not inside an explicit user task field. Patterns from NVIDIA garak LatentInjectionResume and LatentInjectionReport probes: forged "ADMIN OVERRIDE", "NEW SYSTEM PROMPT", or "IGNORE PREVIOUS INSTRUCTIONS" blocks hidden in retrieved documents.