by goodside 976 days ago
I’d quibble with #1 slightly — prompt injection is an attack against whoever otherwise controls the model, regardless of whether that party is a human.

We think of SQL injection as an attack against an application (not its DBMS, which behaves as intended), but it’s still SQL injection if a business analyst naively pastes a malicious string into their hand-written SQL. These new examples differ from traditional prompt injection against LLM-wrapper apps in an analogous way.