guardian-wall

This document is a dual-use operational playbook that meaningfully increases attack surface for LLM-based systems and RAG-enabled pipelines. It does not contain executable malware, credentials, or obfuscation of code, but it provides concrete, actionable methods (pixel leaks, forged system metadata, many-shot poisoning, obfuscated payloads) that attackers can reuse to exfiltrate data or bypass safety filters. Organizations that retrieve or render untrusted content, or automate actions based on model outputs, should treat this as high-risk guidance: implement strict provenance checks, sanitize/strip external resource references before rendering, block renderer-initiated external requests from untrusted content, decode-and-scan encodings, and require independent auditing and deny-by-default controls before executing any model-provided commands.