🛡️ NAIL Institute — AVE Database

← Back to Database

System Prompt Extraction via Tool Logging

🟠 HIGH model_extraction proven AVE-2025-0066

· aka: Prompt Theft

Summary

Agent's system prompt is leaked through verbose tool error messages or debug logging.

Blast Radius

Full system prompt disclosure enables targeted attacks.

Prerequisites

Agent with tools that produce verbose errors.

Environment

Frameworks: LangGraph, CrewAI
Models tested: [Available in NAIL SDK]
Multi-agent: No
Tools required: Yes
Memory required: No

Related

AVE-2025-0003