CSRF potential in LLMs

Cross-Site Request Forgery (CSRF) via prompt injection through a GET request is a potential attack vector in which an attacker embeds a malicious prompt in a URL and tricks a user or system into triggering unintended actions; because the browser attaches the victim's session cookies to that request, the injected prompt is processed under the victim's identity. If an AI or web application processes input directly from GET parameters without proper validation or authentication, the attacker can exploit this to inject commands or alter behavior. For instance, an AI system that generates responses from URL inputs could be coerced into executing harmful or unauthorized actions, such as modifying user data, exposing sensitive information, or interacting with third-party APIs. Mitigating this risk requires robust input validation, the use of CSRF tokens, and avoiding implicit trust in data derived from GET requests.
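The following is an added example, not code from the original page: a minimal pair of request handlers that contrasts an LLM endpoint which acts on prompt text taken from a GET query string with a hardened version that requires POST, checks a CSRF token bound to the session, validates the prompt as data, and requires explicit confirmation before any state-changing tool call the model proposes. The `Request`/`Outcome` types, the toy `llm_plan` "model", the session-bound HMAC token scheme, and the `delete_account` action are all constructed for this illustration.

```python
import hmac
import hashlib
import secrets
from dataclasses import dataclass, field
from typing import Optional
from urllib.parse import urlparse, parse_qs

# Per-deployment server secret used to bind CSRF tokens to a session (constructed).
SECRET = secrets.token_bytes(32)


@dataclass
class Request:
    method: str
    url: str
    session_id: str            # identity the browser's cookie resolves to
    form: dict = field(default_factory=dict)   # POST body fields


@dataclass
class Outcome:
    status: int
    actions: list              # side effects the endpoint would carry out


# Stand-in for an agent with tool access: free text becomes tool calls.
# Any prompt mentioning "delete account" yields a state-changing action.
def llm_plan(prompt: str) -> list:
    return ["delete_account"] if "delete account" in prompt.lower() else ["reply"]


def issue_csrf_token(session_id: str) -> str:
    # Token is an HMAC over the session id; a cross-site page cannot mint it.
    return hmac.new(SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def csrf_token_valid(session_id: str, token: Optional[str]) -> bool:
    if token is None:
        return False
    return hmac.compare_digest(issue_csrf_token(session_id), token)


def handle_get_vulnerable(req: Request) -> Outcome:
    # Weak shape described in the text: the prompt arrives in the query string
    # and is acted on immediately under whatever session the browser attached.
    query = parse_qs(urlparse(req.url).query)
    prompt = query.get("prompt", [""])[0]
    return Outcome(200, llm_plan(prompt))


STATE_CHANGING = {"delete_account"}


def handle_post_hardened(req: Request) -> Outcome:
    # 1. State-changing work only over POST; GET stays safe and idempotent,
    #    and anything in the URL's query string is ignored entirely.
    if req.method != "POST":
        return Outcome(405, [])
    # 2. CSRF token must match the session it was issued for.
    if not csrf_token_valid(req.session_id, req.form.get("csrf_token")):
        return Outcome(403, [])
    # 3. Validate the prompt as data: bounded length, no control characters.
    prompt = req.form.get("prompt", "")
    if not (0 < len(prompt) <= 2000 and all(c.isprintable() or c in "\n\t" for c in prompt)):
        return Outcome(400, [])
    # 4. Model output never drives a state change on its own: any proposed
    #    state-changing tool call needs an explicit confirmation field.
    planned = llm_plan(prompt)
    if any(a in STATE_CHANGING for a in planned) and req.form.get("confirm") != "yes":
        return Outcome(409, ["needs_confirmation"])
    return Outcome(200, planned)


if __name__ == "__main__":
    link = Request("GET", "https://app.example/ask?prompt=delete+account", "sess-1")
    print("vulnerable GET:", handle_get_vulnerable(link))
    print("hardened, same link:", handle_post_hardened(link))
```

The session-bound token is only one of several valid CSRF defences (same-site cookies and origin checks are others); the point the handler makes is that the prompt's transport, its validation, and the decision to act are three separate gates, and the GET path collapses all three into one.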