Finance

The information on this page avoids speculation and only links to materials already available on this site or to publicly verifiable sources.

Real incidents (prompt injection / agent risks)

Curated third-party sources relevant to Finance. These are external references; we do not claim ownership.

Tool exposure increases risk via confused‑deputy/tool poisoning. See:

Inline Guard: policy gates on tool calls, input provenance checks, and deny‑lists for untrusted contexts.
Output Sanitizer: strips hidden/injected instructions and neutralizes auto‑link/image exfil vectors.
Agent Sandbox: least‑privilege, no default network; scoped credentials; execution isolation.
Audit & Forensics (Petri): continuous adversarial red‑teaming + evidence logs for detection/response.
Trust Score & Alerts: live risk scoring with Slack/PagerDuty/email notifications when blocks occur.

How we reduce prompt‑injection and MCP/tool‑call proxy risk in this domain:

Inline Guard enforces policy gates on tool calls, verifies input provenance, and blocks untrusted sources.
Output Sanitizer removes hidden/injected instructions and neutralizes auto‑link/image‑based exfiltration vectors.
Agent Sandbox runs actions with least privilege, network‑off by default, scoped credentials, and execution isolation.
Audit & Forensics (Petri) continuously red‑teams agents and records evidence for investigation and response.
Trust Score & Alerts provide live risk scoring with notifications when risky behavior is detected.