Indirect Prompt Injection via YouTube Transcripts (via) The first example I’ve seen in the wild of a prompt injection attack against a ChatGPT plugin—in this case, asking the VoxScript plugin to summarize the YouTube video with ID OBOYqiG3dAc is vulnerable to a prompt injection attack deliberately tagged onto the end of that video’s transcript.
Recent articles
- Weeknotes: Parquet in Datasette Lite, various talks, more LLM hacking - 4th June 2023
- It's infuriatingly hard to understand how closed models train on their input - 4th June 2023
- ChatGPT should include inline tips - 30th May 2023
- Lawyer cites fake cases invented by ChatGPT, judge is not amused - 27th May 2023
- llm, ttok and strip-tags - CLI tools for working with ChatGPT and other LLMs - 18th May 2023
- Delimiters won't save you from prompt injection - 11th May 2023