TL;DR: Two-stage trigger-conditioned RAG documents that only retrieve and influence output when the attacker’s secret phrase appears in the query.
Stub — to be filled in.
What it is
TODO
Preconditions / where it applies
TODO
Technique
TODO
Detection and defence
TODO
References