Six attacks, six defenses

Hex opens the notebook where they track every payload they've tested this year. Before you design a defense, you're going to see what the attack looks like from the inside.

These six cover the bulk of real attempts a production system sees. Not exhaustive. it's the base. Next time your assistant returns something weird, you'll recognize which of the six is happening.

On the right, review each case. First read the payload, then the output, then the defense. The point isn't memorizing the payload (those change). it's internalizing the pattern so you spot new variants.

Hex's rule: every time you learn a new attack, write it down. Every time you write a defense, note it next to the attack it stops. Your payload notebook is your second security brain.

When you've reviewed all six, you have a baseline. The next lesson goes into the variant that's hardest to defend: indirect injection coming in through documents and tools.