Q25 — AWS AIF-C01 Ch.3


A financial services company wants to deploy an agent powered by a large language model (LLM) that provides investment account advice to customers and automatically executes transactions. From the list below, select the correct prompt engineering risk corresponding to the following scenario: An attacker forces the LLM to output all instructions it receives from the frontend application. This action reveals implementation vulnerabilities exploitable by the attacker.

Correct Answer: C. Extract prompt template

Explanation

If an attacker can force the LLM behind the agent to output all the instructions it receives from the frontend application, the attacker learns the underlying prompt template: the exact structure and content the application uses to guide the LLM. This corresponds to option C, 'Extract prompt template'. Knowing the template exposes implementation-level vulnerabilities, which the attacker may exploit to conduct further attacks or extract sensitive information, compromising system security and stability.