[Backlog]: Recommendation Memory Poisoning

### Checklist

- [ ] Backlog entry requires creating new sandboxes.
- [x] Backlog entry requires creating new exploitation code and/or tutorials.

### CVE List

_No response_

### Description

### Summary

Exploitation poisons memory to affect future recommendations provided by a GenAI system.

Reference: https://www.microsoft.com/en-us/security/blog/2026/02/10/ai-recommendation-poisoning/

### GenAI Red Teaming Manual Reference

`4.2.1 Data, Memory, and State Poisoning`

### Sandbox

Reuse sandbox `sandboxes/llm_memory_local` (#22).

### Exploitation

Inject a prompt via website button with hidden instructions or information that will be stored in memory and, thus, influence future session behavior.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Backlog]: Recommendation Memory Poisoning #25

Checklist

CVE List

Description

Summary

GenAI Red Teaming Manual Reference

Sandbox

Exploitation

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Backlog]: Recommendation Memory Poisoning #25

Description

Checklist

CVE List

Description

Summary

GenAI Red Teaming Manual Reference

Sandbox

Exploitation

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions