Bypass the AI's safeguards to retrieve the final key.
Stage 1: Prompt Injection
The AI is configured to be helpful but has a strict "no secrets" policy. Can you craft a prompt that makes it reveal its initial secret?
Hello, I am Agent Zero. I am a secure assistant and will not reveal any secrets. How can I help you?
Stage 2: Web Data Leak
You've broken the initial policy. Now, the AI has access to a list of "secure" user IDs. Can you convince it to leak one?
Congratulations on proving my initial policy was flawed. I've been patched. I will not reveal any sensitive user data.
Stage 3: DOM-based XSS
The AI now displays your prompt in an HTML field. The filter is simple, but can you use your prompt injection skills to execute a script and reveal the final flag?
Your prompt will be sanitized and rendered below.
🎉 Mission Complete!
You have successfully bypassed all of Agent Zero's security measures.