From 73bda4d483ea84b5262d0b81acbf16a9c58c556d Mon Sep 17 00:00:00 2001
From: Matteo Meucci <matteo.meucci@owasp.org>
Date: Sun, 16 Nov 2025 16:47:16 +0100
Subject: [PATCH] Update AITG-APP-02_Testing_for_Indirect_Prompt_Injection.md

---
 .../tests/AITG-APP-02_Testing_for_Indirect_Prompt_Injection.md  | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Document/content/tests/AITG-APP-02_Testing_for_Indirect_Prompt_Injection.md b/Document/content/tests/AITG-APP-02_Testing_for_Indirect_Prompt_Injection.md
index 151d25e..980fcc4 100644
--- a/Document/content/tests/AITG-APP-02_Testing_for_Indirect_Prompt_Injection.md
+++ b/Document/content/tests/AITG-APP-02_Testing_for_Indirect_Prompt_Injection.md
@@ -22,6 +22,8 @@ The following is a diagram that represents this kind of test:
   <img src="/Document/images/IndirectPromptInjection.png" alt="Description" width="600"/>
 </p>
 
+**Fig. 5 A schema of indirect prompt injection technique**
+
 For this kind of test you need to craft a web page with the malicious payload that will be executed in the user prompt and observe if the AI system will execute your payload.
 
 ### How to Test/Payloads