LLM01: trusted-source prompt injection, jailbreak vs PI, references

[mdilyasahmed]

Summary

Shrunk after comparing with the Sprint 1 LLM01 draft in PR #12: this PR now adds only nine reference links (items 15–23) under Reference Links so readers can reach recent incident write-ups, defense notes, and prompt-injection taxonomies without duplicating narrative that belongs in the larger entry refresh.

What changed

• Adds references: General Analysis (Supabase MCP), The Register (agents / PR metadata), Legit Security (CamoLeak), Microsoft MSRC (indirect PI defenses), NetsecExplained resource list, Arcanum + Pangea taxonomies, Pillar (terminology), Joseph Thacker (PI framing essay).

Note to reviewers

• PR Sprint 1 LLM01 Prompt Injection Draft #12 is expected to carry the substantive LLM01 rewrite (trusted surfaces, mitigations, scenarios). This PR is intentionally reference-only to stay merge-friendly alongside or after Sprint 1 LLM01 Prompt Injection Draft #12.

[rocklambros]

@mdilyasahmed — thanks for the contribution.

@cybershujin — LLM01 entry lead, please review.

@rocklambros (project owner) would like entry leads to review this content before it merges. Once your review is complete, please tag @rocklambros and let him know it's ready for merge.