http://qtnes.com/tags/ai/Recent content in Ai on QtnesHugoen-usFri, 17 Apr 2026 00:00:00 +0000http://qtnes.com/posts/8---pizzeria---prompt-injection-against-an-android-llm-agent/Fri, 17 Apr 2026 00:00:00 +0000http://qtnes.com/posts/8---pizzeria---prompt-injection-against-an-android-llm-agent/<h2 id="overview">Overview</h2> <p>Pizzeria looked like a simple Android food-ordering app, but the backend was doing something much more interesting: it was running an LLM agent with tool access.</p> <p>The challenge was to move from a normal order request to a tool call that would reveal the flag. The path there was a good example of how brittle keyword filtering becomes once an LLM is exposed to attacker-controlled input.</p> <h2 id="recon">Recon</h2> <p>Decompiling the APK showed three useful pieces immediately.</p>