Only a problem if you're trying to use AI to forgo creating a user interface for untrusted users (probably the worst idea that's seeing widespread use right now)
There are dozens of other surface factors beyond external user interfaces that are vulnerable to prompt injection.
It's pretty common where I'll point Claude to a source code to better understand how to integrate a project. For example I've having it look through https://github.com/mcallegari/qlcplus right not to build out the rather tedious process of mapping out a controller to the lights.
I don't give Claude all access but it certainly can cause some level of havoc even with the relatively save edit mode.
Now, there is a similar risk existing running any open source project's code, but putting code that harms people's computers is clearly against the terms of GitHub, and is quickly condemned. This should be too.
It's pretty common where I'll point Claude to a source code to better understand how to integrate a project. For example I've having it look through https://github.com/mcallegari/qlcplus right not to build out the rather tedious process of mapping out a controller to the lights.
I don't give Claude all access but it certainly can cause some level of havoc even with the relatively save edit mode.
Now, there is a similar risk existing running any open source project's code, but putting code that harms people's computers is clearly against the terms of GitHub, and is quickly condemned. This should be too.