| ▲ | zahlman a day ago | |
> an attacker ... what exactly is your threat model? How are "attackers" getting themselves involved in the first place? | ||
| ▲ | irthomasthomas a day ago | parent [-] | |
Your ai does a web search for you and scrapes many sites. An attacker running a blog might include a hidden text prompt which your ai acts on secretly, such as calling a url that exfiltrates your chat history. | ||