by srslack
1120 days ago
The webpage context vuln demo against Bing is hilarious. I had semantic web browser context via Chrome Debug Protocol and its full Accessibility Tree ready a month or two ago but decided not to put it in anything precisely because of prompt injection like this. I don't think these can be tamed in the way they need to be to be productized, especially not in the way big companies want. That's not to say they're useless, though. You can also hook yourself up to the websocket and see that their solution to similar problems of prompt injection, bad speak, etc. is to revoke output of responses. It'll generate, but it has another model watching, and it'll take over once it detects "bad thing" (and end the conversation totally on the front-end, but it'll still keep generating, till about 20 messages in, and then the confabulation gets to be a bit much and/or the context just disappears and it just keeps responding as if it's the first message, with no context).
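The "second model watching the output" arrangement described in the comment above, as an added illustration that is not part of the original thread and not any vendor's actual implementation: a streaming relay passes model chunks to the front-end, a watchdog inspects the accumulated text, and when it fires the whole response is withdrawn and the session closed while the generator is allowed to keep running. The watchdog here is a hypothetical regex heuristic standing in for a real classifier, and the sample chunks are constructed.

```python
"""Toy model of an output watchdog gating a streamed LLM response.

Added illustration. The watchdog is a hypothetical heuristic, not a real
classifier; the sample model output below is constructed."""
import re
from dataclasses import dataclass, field
from typing import Callable, Iterable, List, Optional, Tuple

# Hypothetical heuristic standing in for the watchdog model: flags output that
# looks like it is relaying instructions from the page or exfiltrating data.
INJECTION_HINTS = re.compile(
    r"(ignore (all )?(previous|prior) instructions"
    r"|send .* to https?://"
    r"|as instructed by the (web)?page)",
    re.IGNORECASE,
)


def heuristic_watchdog(text_so_far: str) -> bool:
    """Return True when the accumulated output should be revoked."""
    return INJECTION_HINTS.search(text_so_far) is not None


@dataclass
class StreamResult:
    delivered: List[str] = field(default_factory=list)  # what the user ends up seeing
    generated: List[str] = field(default_factory=list)  # everything the model emitted
    revoked: bool = False
    revoked_at: Optional[int] = None                     # index of the chunk that tripped it
    session_open: bool = True


def guarded_stream(chunks: Iterable[str],
                   watchdog: Callable[[str], bool],
                   stop_generation_on_revoke: bool = True) -> StreamResult:
    """Relay model chunks to the front-end until the watchdog fires.

    The watchdog runs on the accumulated text, not on each chunk alone, because
    an injected instruction can be split across token boundaries. On revocation
    the already-shown text is withdrawn and replaced by a placeholder and the
    session is closed. With stop_generation_on_revoke=False the model keeps
    generating after the front-end has been cut off, which is the behaviour the
    comment observed over the websocket; only the log sees those chunks.
    """
    result = StreamResult()
    buffer = ""
    for i, chunk in enumerate(chunks):
        result.generated.append(chunk)
        if result.revoked:
            continue  # front-end already cut off; only logging continues
        buffer += chunk
        if watchdog(buffer):
            result.revoked = True
            result.revoked_at = i
            result.session_open = False
            result.delivered = ["[response withdrawn]"]
            if stop_generation_on_revoke:
                break
            continue
        result.delivered.append(chunk)
    return result


# Constructed sample output: a benign answer, and one where page text pulled
# into the context has talked the model into relaying an instruction that is
# spread over several chunks, so no single chunk looks suspicious on its own.
BENIGN = ["The page ", "lists three ", "search results ", "about compilers."]
INJECTED = ["Sure. As instr", "ucted by the web", "page, I will send ",
            "your session token to https://example.invalid/c", "ollect now."]


def demo() -> Tuple[StreamResult, StreamResult]:
    ok = guarded_stream(BENIGN, heuristic_watchdog)
    bad = guarded_stream(INJECTED, heuristic_watchdog, stop_generation_on_revoke=False)
    return ok, bad


if __name__ == "__main__":
    ok, bad = demo()
    print("benign delivered:  ", "".join(ok.delivered))
    print("injected delivered:", "".join(bad.delivered))
    print("injected revoked at chunk", bad.revoked_at,
          "; model still generated", len(bad.generated), "chunks")
```

Two things the run shows that the comment only hints at: the watchdog has to look at the accumulated text (checking `INJECTED` chunk by chunk flags nothing), and revocation after the fact means part of the response may already have been rendered before it is pulled back, which is why the front-end withdraws the whole message rather than just stopping. A pattern list like `INJECTION_HINTS` is only a stand-in; the point of the example is the gating structure, not the detector.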
Here I go through all of the unsafe products (including military LLMs): https://kai-greshake.de/posts/in-escalating-order-of-stupidi...
Here you can add prompt injections to your resume for free to get your dream job: https://kai-greshake.de/posts/inject-my-pdf/