[kolinko]

This issue seems overblown. Sure, if you apply pure GPT-4 (or whatever) to a summarisation task, it will cause the problems mentioned. But you can have another AI that previews content first, looking for prompt injections - and only when the content is deemed safe (or sanitised) it gets forwarded to GPT-4.

It's one thing to produce a prompt injection, but another thing to produce prompt injection that avoids detection by multiple layers of such analysers.

Similar multi-layer systems are already being used, with success, for sanitising outputs from various LLM and diffusion models.

[croes]

>But you can have another AI that previews content first, looking for prompt injections

So you can't summarize articles about prompt injections?

[TisButMe]

Agreed, and I mentioned that solution in the article, but I'm not so convinced this is true. It reads a bit like the "if you're a great programmer, the lack of memory safety of C isn't a problem!" argument. In theory sure, but in practice it seems CVEs keep on popping up.