| ▲ | hmokiguess a day ago | |||||||
Can someone help me understand why classic sanitizing is not used as a solved problem to prompt injection? All these tags, patterns, etc, feel like prime for a parser rule, but maybe I am thinking too abstract here and missing an obvious knowledge gap I have on LLMs | ||||||||
| ▲ | vova_hn2 a day ago | parent [-] | |||||||
Role tags are not actual symbols "<system>", they are special tokens that do not correspond to any normal text. So you can't really inject a role tag, that is not the actual problem. | ||||||||
| ||||||||