NomDePlum 5 days ago

How any mature company can allow this to be enabled for their employees to use is beyond me. I assume commercial customers at scale will be able to disable this?

Obviously in some companies employees will look to use it without permission. Why deliberately opening up attackable routes to your infrastructure, data and code bases isn't setting off huge red flashing lights for people is puzzling.

Guess it might kill the AI buzz.

simonw 5 days ago | parent

I'm pretty sure the majority of companies won't take these risks seriously until there has been at least one headline-grabbing story about real financial damage done to a company thanks to a successful prompt injection attack.

I'm quite surprised it hasn't happened yet.

NomDePlum 5 days ago | parent

The issue with the more concerning types of these attacks is they are either never spotted, or they take months to execute. Public disclosure is unlikely in a lot of cases. Even widespread internal disclosure is probably not a common occurrence.

Routinely, large public companies are, however, having to admit breaches and being compromised, so why we are making the modern-day equivalent of an infected USB drive available is puzzling.