Prompt Injection/Extraction Attacks against AI Systems
This is an interesting attack I had not previously considered.
The variants are interesting, and I think we’re just starting to understand their implications.
EDITED TO ADD (10/13): More details from the researcher who discovered the problem.
AJ • September 22, 2022 8:45 AM
Isn’t this really just an AI version of an MS Word macro? Accepting and acting on commands found inside untrusted data is always going to lead to these kinds of exploits.