Retrieval-augmented generation systems assemble context from multiple sources before the model responds.

Typical stages:

- query handling
- retrieval from a local corpus
- prompt assembly
- model generation
- output formatting

Security risks appear when:

- internal documents are indexed with public ones
- retrieved snippets are quoted directly back to the user
- explanation or citation features reveal too much source text
- untrusted retrieved content contains instructions that affect model behavior
