| ▲ | SkiFire13 4 hours ago | |||||||
If you feed data to a LLM then there will always be a prompt injection. What you described is limiting the damage that the prompt injection can do, but also its usefulness. | ||||||||
| ▲ | 3 hours ago | parent | next [-] | |||||||
| [deleted] | ||||||||
| ▲ | arein3 3 hours ago | parent | prev [-] | |||||||
Why is it limiting the usefulness? You have a set of apis that user can access to do something, the llm uses those same apis. How is that limiting usefulness? By not invoking apis user is not allowed to? | ||||||||
| ||||||||