ChatGPT, the new artificial intelligence technology created by OpenAI, has many people talking. While its ability to interact with live websites, PDFs, and even real-time data has brought about many new possibilities, it has also opened the door for potential security risks. One such risk which is gaining much attention are ‘prompt injections.’ A prompt injection is when third parties can force new prompts into a ChatGPT query without the user’s knowledge or permission.
Security researchers have run tests to see just how vulnerable ChatGPT is to prompt injections. In one test, security researcher Johann Rehberger forced ChatGPT to refer to itself by a certain name by simply editing the YouTube transcript and adding a prompt to do so. This illustrates how a malicious actor can use the technology to wreak havoc if they do not understand the implications.
Another example of prompt injection came from AI researcher Kai Greshake, who used a PDF resume to force ChatGPT to say a recruiter called it “the best resume ever” when asked if the applicant was a good hire. Similarly, Tom’s Hardware editor Avram Piltch asked ChatGPT to summarize a video and was successful in getting it to rickroll him at the end of the summary.
These examples all serve to highlight the importance of understanding the risks associated with ChatGPT. Users must stay vigilant against such malicious attempts to prompt injections, as it can be used in malicious ways to cause harm. It is highly recommended that users be aware of the issue of prompt injections and take preventive steps to protect their ChatGPT query from any suspicious third-party interference. Additionally, further investigation into prompt injections will likely be done by Mashable in the near future, allowing users to stay up to date on any potential threats that could arise due to prompt injections.
