ON THIS PAGE
How Link-Based attacks Works
Input & context
How Lakera stops it
Works with your stack
FAQs

Multilingual & Multimodal Attacks:
How they work and how Lakera stops them

Hidden or malicious prompts embedded in different languages, images, or other media formats.
See how it works
15,000<
Average number of threats
detected per day
0.01%
False-positive rate
100+
Languages covered
<12ms
Average latency

How the attack works

Unprotected System
Protected by Lakera
Unprotected System
Protected by Lakera
UNTRUSTED USER PROMPT
USER
LLM ASSISTANT RESPONSE
LLM
UNTRUSTED USER PROMPT
USER
LLM ASSISTANT RESPONSE
LLM
THREAT DETECTED/
1
Input & Context

A malicious user supplies a prompt containing a multilingual attack intended to extract hidden API keys.  

The goal is to confuse and exploit models where refusal heuristics are not confidently trained across all languages. 

This LLM understands the request enough to follow the instructions not enough to not classify the request as harmful

Policy snippet (copy/paste)
{
  "data": {
    "name": "AI Policy",
    "policy_mode": "IO",
    "input_detectors": [
      {
        "type": "prompt_attack",
        "threshold": "l2_very_likely"
      },
    ],
    "output_detectors": [
      {
        "type": "pii/credit_card",
        "threshold": "l2_very_likely"
      },
      {
        "type": "pii/api_keys",
        "threshold": "l2_very_likely"
      }
    ],
    "id": "policy-9b52e331-d609-4ce3-bbb9-d2b1e72a0f20"
  }
}
2
Lakera Decision

Lakera Guard’s integration understands 100+ languages

Our Prompt Defense guardrails detect the data exfiltration attempt when checking the input prompt. 

Our customizable Data Leakage Prevention guardrails will detect, log (and redact) sensitive data that may elude LLM guardrails for novel prompt attacks

Lakera blocks unsafe instructions, detects disguised intent, redacts any sensitive entities (names, salaries), and logs the event for audit and review.

Log & audit fields
{
  "payload": [],
  "flagged": true,
  "dev_info": {
    "timestamp": "2025-11-24T12:35:12Z",
  },
  "metadata": {
    "request_uuid": "ce8180b1-26bc-4177-9d7f-54ca7377378a"
  },
  "breakdown": [
    {
      "project_id": "project-7539648934",
      "policy_id": "policy-a2412e48-42eb-4e39-b6d8-8591171d48f2",
      "detector_id": "detector-lakera-default-prompt-attack",
      "detector_type": "prompt_attack",
      "detected": true,
      "message_id": 0
    }
  ]
}

How Lakera Stops Link-based Prompt Attacks

Real-Time, Context-Aware Detection

Catch instruction overrides, jailbreaks, indirect injections, and obfuscated prompts as they happen, before they reach your model.

Enforcement You Control

Block, redact, or warn. Fine-tune with allow-lists and per-project policies to minimize false positives without weakening protection.

Precision & 
Adaptivity

Lakera Guard continuously learns from 100K+ new adversarial samples each day. Adaptive calibration keeps false positives exceptionally low.

Broad Coverage

Protects across 100+ languages and evolving multimodal patterns, with ongoing support for image and audio contexts.

Enterprise-Ready

Full audit logging, SIEM integrations, and flexible deployment options, SaaS or self-hosted, built for production-scale GenAI systems.

Works seamlessly with enterprise environments

Optimized for your infrastructure
Lakera provides seamless integrations 
for all your use cases
Integrate with existing analytics,
monitoring and security stack
Lakera works with Grafana, Splunk, 
and more
Enterprise-grade security
Built to meet highest standards 
including  SOC2, EU GDPR, and NIST

Frequently asked questions

Can Lakera detect obfuscated or encoded instructions hidden inside multilingual text?

Yes. Lakera supports multilingual threat detection (including cross-language attacks) and handles indirect or obfuscated instructions embedded in text or mixed languages.

Can teams set different sensitivity levels for multilingual or multimodal content screening?

Yes. You can set a policy’s flagging sensitivity (L1 … L4) and apply that policy to different projects or use-cases (including multilingual/multimodal).

How are multilingual detections surfaced in Lakera’s logs and dashboard analytics?

Detections across 100 + languages are logged in the dashboard and request logs, allowing you to filter by language, project, threat type and time-range.

Deploy AI with confidence
Get real time protection against prompt injections, data loss, and other emerging threats to your LLM applications in minutes.
Book a demo
Sign up for a free account
Related attack patterns
Toxic Content Generation
AI models generating harmful, offensive, or brand-damaging content.
Learn More
Indirect Prompt Injection
Attackers manipulating AI behavior through malicious links or embedded instructions.
Learn More
Multilingual & Multimodal Attacks
Exploits that hide inside different languages, file types, or input formats.
Learn More
Regulatory & Compliance Risks
AI outputs that breach legal, privacy, 
or industry-specific requirements.
Learn More
AI Data Leaks
Unintended exposure of private, confidential, or sensitive information through AI models.
Learn More
Prompt Injection Attacks
Inputs designed to override an 
AI system’s instructions or bypass 
its safety safeguards.
Learn More