| ▲ | mapontosevenths 5 hours ago | |
> So we still don't have a reliable way to separate instructions from data when talking to an LLM Humans also do not know how to do this reliably, which is why phishing is still a thing and always will be. | ||
| ▲ | Smaug123 4 hours ago | parent [-] | |
I think the Stroop effect ("read these colour names, each written in a different colour") is probably the purest demonstration of this. Humans are trivially prompt-injectable. | ||