Agent Goal Hijack
Injected instructions hidden in a web page, tool output, or retrieved document quietly redirect an agent away from the task its operator actually gave it.
Beacon Plane C runs a content-safety scan over every tool/MCP response and model input/output — reusing Constellation's prompt-injection layer — while a Tier-3 intent classifier asks “does this action match the stated task?” and Tier-2 flags trajectory anomalies before they complete.