Hunting the Invisible: Indirect Prompt Injection in Python Pipelines
2026-07-16 , S4

AI agents are no longer just generating text, they are reading PDFs, scraping websites, calling APIs, and taking autonomous actions inside our Python applications. But what happens when the documents they read are malicious?

In this talk, we’ll explore indirect prompt injection, a subtle but major attack where hidden instructions embedded in PDFs, HTML pages, or external data sources hijack an AI system’s behavior. Unlike classic prompt injection, this attack doesn’t come from the user, it comes from the data your Python pipeline trusts.


Expected audience expertise: Intermediate

John Robert is a Lead Data and ML Engineer at Sunnic Lighthouse subsidiary of Enerparc AG. Previously worked Mercedes-Benz (Daimler) and Bosch. He is the founder of Don’t Fear AI, John leverages his 8 years of Python expertise to help developers architect secure, transparent, and resilient AI systems. A frequent speaker at PyCon, PyCon DE, and Data Natives, he specializes in the high-stakes world of AI agent safety, prompt injection defense, and autonomous system evaluation.

He has also built production ML pipelines and applications such as the Manage Pet AI app. Outside of tech and AI, John enjoys traveling for fun having visited over 50 countries.