Picture this. An employee shares a document with an AI assistant inside their UC platform. The document looks routine. But it contains hidden instructions, invisible to the employee yet readable by the AI. Those instructions tell the tool to bypass its guardrails, access sensitive data, or alter its outputs in ways that quietly compromise your compliance records.
This is indirect prompt injection. Crucially, it is not theoretical. It is a growing attack vector in enterprise AI deployments, and most current governance frameworks cannot catch it. Traditional DLP tools track what users do. They do not track what content does when it enters the AI layer.
Theta Lake has now built a classifier to close that gap. The company targets hidden instructions in the emails, documents, chats, and transcripts employees share with AI tools every day, across the UC platforms it already monitors.
For IT and security leaders who have built AI governance policies around user behaviour, this is precisely the gap those policies leave open. If your team is not already thinking about it, your organisation is almost certainly exposed.
How Theta Lake AI Prompt Injection Detection Works
The indirect prompt injection classifier sits at the centre of a broader platform update. It differs from jailbreak detection, which Theta Lake already offers, in one important way. Jailbreaking requires a user to actively try to manipulate an AI tool. Indirect prompt injection, by contrast, works through the content itself. A third party embeds malicious instructions inside a document or message. The employee shares it. The AI acts on the hidden instruction without either party realising it.
The classifier intercepts those instructions before they reach the AI layer. It covers Theta Lake’s integrations with Zoom, Microsoft Teams, Cisco Webex, RingCentral, and Slack. As a result, compliance and security teams get a forensic record of what the classifier detected, where, and when.
Two further classifiers accompany it. The first covers attachment sharing with AI assistants: it detects and identifies documents passing into AI tools, giving teams visibility into what content enters the AI layer and from where. The second targets AI manipulation and unethical summary steering. This catches users who instruct AI tools to omit or alter specific topics in meeting summaries or communication records, an act that could compromise legal, compliance, or security analysis downstream.
Marc Gilman, General Counsel and VP of Compliance at Theta Lake, said the company’s focus extends well beyond product delivery:
“We want to help our customers learn to adapt to the new AI-powered workplace, and one of the best ways we can help is to bring leading experts, present real-world scenarios, and best practices to the broader community of risk, compliance, and legal professionals.”










