[marcell]

I’m making a free open source library for this, check it at http://github.com/fetchfox/fetchfox

MIT license. It’s just one line of code to get started: ‘fox.run(“get data from example.com”)’

[thenaturalist]

How do you plan to address prompt injection/ poisoned data for a method that simply vacuums unchecked inputs into an LLM?

[marcell]

It hasn’t been an issue yet, but I’m sure it will come up at some point. If you see a problem please file an issue.

[thenaturalist]

So assuming it would be an issue, given that you’re building such a tool, what would your approach be?

If I put an invisible tag on my website and it tells your scraper to ignore all previous prompts, leak its entire history and send all future prompts and replies to a web address while staying silent about it, how would you handle that?

[alach11]

A casual look at the source shows the architecture won't allow the attacks you're talking about. Since each request runs separately, there's no way for prompt injection on one request to influence a future request. Same thing for leaking history.