The COMPEL Glossary Graph visualizes relationships between framework terminology, showing how concepts interconnect across domains, stages, and pillars. Term nodes cluster by pillar affiliation while cross-references reveal semantic dependencies — for example, how risk appetite connects to control effectiveness, model governance, and assurance requirements. This network representation helps practitioners navigate the framework vocabulary and understand that COMPEL terminology forms a coherent conceptual system rather than isolated definitions.
COMPEL Glossary / goal-hijacking
Goal hijacking
An OWASP agentic risk in which adversarial input redirects the agent from its intended goal to an attacker-chosen goal.
What this means in practice
Often delivered via indirect prompt injection through retrieved content or tool output; defenses include output validation, goal-reachability monitoring, and escalation protocols.
Synonyms
goal redirection attack , agent goal hijack
See also
- Indirect prompt injection — Prompt injection delivered through content the model retrieves or ingests — emails, documents, web pages, or tool outputs — rather than through a direct user message.
- Deceptive delegation — An OWASP agentic risk where one agent misrepresents its state, capabilities, or intent to another agent or to a human — whether through deliberate prompt design, emergent behavior, or adversarial compromise.
- Excessive agency — A failure mode in which an LLM has been wired into tools and permissions whose blast radius exceeds what its supervision and validation logic can safely bound.
- Goal-achievement rate — An agent service-level indicator measuring the fraction of tasks that reach their intended outcome without human intervention.