048 - Prompt Injection
The security researcher who initially brought Indirect Prompt Injection (of LLM-integrated systems) to the attention of many major tech companies, Kai Greshake, recently presented at Google DeepMind.
I've spoken to Kai a number of times, and highly recommend keeping up with his team's work. How few people actually do follow it gives you some idea of just how poorly prepared most companies contemplating LLM integrations are today.
Personally, I'd like to see a website that tracks which companies are integrating LLMs, specifically so that I can be notified and promptly delete my accounts with them.
His team's original paper on Indirect Prompt Injection is shown here.
See also the more recent work on automating universal adversarial attacks for prompt injection, at llm-attacks.org.