Glossary · Term

fragmented payload

← all terms

Definition

Plain language

An attack that splits a harmful instruction into innocent-looking pieces scattered across separate files, so the AI itself assembles the dangerous whole.

As stated in the literature

A distributed injection technique where no single file or input contains the malicious instruction; inert fragments (a target identifier, a policy exception, a copy-ready block) are placed separately and only become harmful when an agent combines them during normal work, defeating per-file scanners.

Why it matters: It defeats security scanners that check files one at a time, because no single piece looks malicious until the agent assembles them during ordinary work.

For example, one file names a target, another quietly grants an exception, and a third holds a ready-to-run block — each harmless alone, but dangerous once the agent stitches them together.

Heard on the show

“There's a version of the attack I love that makes this concrete — they call it a fragmented payload.”
Episode 105 — The Trojan Is Your Agent's Memory: Why Single-Step Defenses Miss Persistent Attacks

Mentioned in 1 episode

  1. 105
    The Trojan Is Your Agent's Memory: Why Single-Step Defenses Miss Persistent Attacks

Related terms