| ▲ | Dylan16807 3 hours ago |
| Yeah, if going to a site and just clicking a link given to me by the site itself is getting socially engineered, then something is very wrong with that site. |
|
| ▲ | krackers 2 hours ago | parent [-] |
| YouTube comments are also links given by the site. I think in this case it's not necessarily the prompt injection that's the issue but the fact that untrusted content allows formatted links. YouTube doesn't allow clickable links in comments iirc, so the same needs to be applied here. |
| |
| ▲ | jdiff an hour ago | parent | next [-] |
| Those are pretty clearly delineated as user-generated content, and also aren't able to be modified to include information that the malicious user doesn't have another way of accessing. |
| ▲ | Dylan16807 2 hours ago | parent | prev [-] |
| If comments allowed links in general, this would be one step less egregious, but it would still be a huge issue if clicking a comment link could leak private information. The fact that the prompt injection can customize the link before giving it to the user is the bulk of the problem here. If it just regurgitated a link it would be a flaw but a notably smaller flaw. |
|