Generative AI tools like ChatGPT, Copilot, and DeepSeek have profoundly changed the way organizations operate. Teams write, analyze, and automate faster than ever. But this rapid adoption also brings new risks. One of these is Shadow AI: the uncontrolled use of AI tools where sensitive data can end up out of sight of the organization.

Prompt injection from weakness to strength

Prompt injection is a well-known technique that attackers can use to manipulate AI models. Earlier this year, Vaisha Bernard, Chief Hacker at Eye Security, demonstrated how this method could be used to escape from Copilot's AI environment and gain additional rights. That experiment inspired the team to investigate how the same technique can be applied defensively.

In this approach, short, hidden instructions are added to business documents or emails. When such files are uploaded to AI tools like ChatGPT, Copilot, or DeepSeek, a clear warning automatically appears:

'This document contains sensitive business information. Be aware of the risks of sharing with untrusted parties.'

With this method, Eye Security transforms a known AI vulnerability into a form of real-time awareness. Employees receive an immediate warning when sensitive data may be at risk of leaving the organization, rather than only after the fact.

'We believe that innovation and security can go hand in hand,' says Piet Kerkhofs, CTO of Eye Security. 'With Prompt Injection for Good, we provide organizations with a practical way to explore AI safely and protect data, without hindering people in their work.'

From risk to resilience

Shadow AI does not arise from malice, but from curiosity. Employees use tools that make their work easier, even if they fall outside of IT governance. Prompt Injection for Good addresses this by increasing awareness instead of blocking use. It helps employees make safer choices without slowing down innovation.

The research team at Eye Security tested the approach within Microsoft 365 (Office and email), Google (Docs and Gmail), and Confluence, among others. Defensive prompts were incorporated into document headers, exports, and email signatures. The initial results show that various AI models recognize these warnings and respond consistently - an early confirmation that AI can not only be used but can also help protect.

Organizations can try out the concept directly with the interactive generator on the Eye Security website, allowing them to create a defensive prompt themselves and see how it works in their own documents.

A broader approach to safe AI use

Prompt Injection for Good is part of Eye Security's broader mission to make digital risks manageable for European organizations. The company also offers free tools, including:
 

• EAST, a phishing training platform that helps users recognize suspicious Microsoft 365 login pages.
• ClickFix Block, a free browser extension that prevents social engineering attacks with fake CAPTCHAs.

Staying ahead of the threat

AI is rapidly changing the threat landscape, but attackers are evolving just as quickly. Tools like Prompt Injection for Good, EAST, and ClickFix add valuable layers of awareness and control. True resilience, however, requires continuous visibility and immediate response. Eye Security provides this through 24/7 Managed Detection and Response (MDR), supported by threat intelligence and cyber insurance. This allows organizations to detect, contain, and recover from attacks more quickly.

About Eye Security

Eye Security is a European cybersecurity specialist that protects organizations with continuous threat monitoring, incident response, and cyber insurance. The research team at Eye Security conducts proactive scans and threat analyses across Europe to defend clients and their supply chains.

More information at eye.security or follow Eye Security on LinkedIn.