Lasso Security Maps Nine Prompt Injection Types
Lasso Security published a structured taxonomy breaking prompt injection into nine distinct technique categories, from role-playing exploitation and cross-lingual manipulation to payload splitting across conversational turns. The framework draws a clean line between intent and technique, a useful distinction because the same text transformation that bypasses a safety filter can also serve legitimate red-teaming. What stands out is how far the real attack surface has moved past naive direct prompts, which modern LLMs handle fine. The actual threat vectors now involve stacking multiple subtle methods: encoding obfuscation layered with context exploitation, or social engineering paired with formatting tricks. Security teams building guardrails for agentic systems running tools with shell access need this kind of granular mapping rather than the vague warnings still dominating most vendor docs.