Prompt injection: Businesses are hiding secret instructions for ChatGPT on their websites 🤯 They're literally gaming the system #AI #ChatGPT #TechExplained
Business owners have been tricking Chat b t into recommending their business using some pretty funny tactics. So I just thought we'd talk about one of them, prompt injecting. So this tactic stems from how large language models like ChatGPT sometimes retrieve information. If you ask for anything that requires them to do a search, they'll often do a dozen or more searches. They'll look through any web pages that seem relevant to your request and then they will return passages from those web pages which will be added to the context of your conversation. Now the language model itself, like ChatGPT isn't doing all of this. In order to search the web, it has to crawl a tool. The tool is the one that goes out and finds the web pages in the relevant passages. All of that is hidden from ChatGPT. All ChatGPT sees is the returned passages that gets added to its context. So what a lot of people are
Full third-party transcripts are not published as standalone public pages by default. This page keeps attribution, source link, and short evidence context.
Related Passages
Business owners have been tricking Chat b t into recommending their business using some pretty funny tactics. So I just thought we'd talk about one of them, prompt injecting. So this tactic stems from how large language models like ChatGPT sometimes retrieve information. If you ask for anything that requires them to do a search, they'll often do a dozen or more searches. They'll look through any web pages that seem relevant to your request and then they will return passages from those web pages which will be add...
awl your website because again, it's common for the tools to do dozens of searches and often look through hundreds of search results. You might say, sure, that's working right now, but surely the large language models will be smart enough to ignore that in the near future. But that's not so clear. In fact, I have one friend that I trust for this kind of stuff. His name is Steve. Hi, Steve. If I understand his position correctly, he's convinced that large language models will always be susceptible to prompt injec...
some kind of manual process that reviews the offending pages or websites and just removes them from the index. So if Steve's right and this problem really is unsolvable, my guess is that these websites using prompt injection are gonna be removed from the index that the L L m's use to retrieve search results. But that's what's crazy about the time we're living in. We really have no idea. It is truly the Wild West right now. It's a little bit scary but really exciting.
Public Insight Cards
Hidden same-color text on web pages can be used to inject instructions into passages retrieved by LLM search tools, potentially influencing AI recommendations.
Prompt injection risk/avoid · asserts
Business owners have been tricking Chat b t into recommending their business using some pretty funny tactics. So I just thought we'd talk about one of them, prompt injecting. So this tactic stems from how large language models like ChatGPT sometimes retrieve information. If you ask for anything that requires them to do a search, they'll often do a dozen o...
We use necessary cookies to run the site and optional cookies to understand what pages are useful. You can accept all, reject non-essential cookies, or manage preferences.