Remix.run Logo
Dylan16807 2 hours ago

If comments allowed links in general, this would be one step less egregious, but it would still be a huge issue if clicking a comment link could leak private information. The fact that the prompt injection can customize the link before giving it to the user is the bulk of the problem here. If it just regurgitated a link it would be a flaw but a notably smaller flaw.