Seriously? This is a painfully obvious prompt injection vulnerability (reminds me of SQL injection, actually). If you’re offering a “summarise with AI” functionality, then you should be sanitising the inputs properly. It should be a simple call to the API to tell it to summarise a dataset or particular webpage – not provide a query string.
But that would require them to put in actual effort instead of just pushing out a minimum viable product and calling it the next evolutionary stage of computing.
Best we can offer is another AI doing sanitation