Interview Scenarios - Multi-Turn Context Poisoning in Long Sessions Follow-Up Questions

Source document: 09-interview-scenarios.md

Reference scenario: 01-prompt-injection-defense.md -> Scenario 4: Multi-Turn Context Poisoning in Long Sessions

Scenario lens: Gradual scope drift across long sessions where no single turn is clearly malicious, but the accumulated context becomes unsafe.

Document lens: interview preparation, persona-aware answers, and depth progression.

Use these prompts to push past the base scenario and explore deeper design, operational, interview, or storytelling tradeoffs.

Answer document: ANSWERS.md

Easy

  1. How would you explain multi-turn context poisoning to someone who thinks every attack should be visible in a single prompt?
  2. Which signal or threshold would you mention first to make session-level drift monitoring feel concrete?

Medium

  1. What follow-up questions would you expect from an SRE, a security engineer, and a PM after describing scope drift in long sessions?
  2. How would you keep the answer concise while still showing that session management is both a product and security problem?

Hard

  1. How would you defend summarization or periodic resets if the interviewer argues they degrade personalization and user trust?
  2. What evidence from logging, dashboards, or adversarial test conversations would you cite to show the threat is real and measurable?

Very Hard

  1. How would you respond if the interviewer asks you to compare session-level defenses with cross-session campaign detection in real time?
  2. If you had to turn this into a design interview follow-up, what architecture tradeoff would you put at the center of the discussion?