Data exfiltration from Writer.com with indirect prompt injection | allainews.com

s

Dec. 15, 2023, 8:12 p.m. |

Simon Willison's Weblog simonwillison.net

Data exfiltration from Writer.com with indirect prompt injection

This is a nasty one. Writer.com call themselves a "secure enterprise generative AI platform", offering collaborative generative AI writing assistance and question answering that can integrate with your company's private data.

If this sounds like a recipe for prompt injection vulnerabilities, it is.

Kai Greshake and PromptArmor found exactly that. They identified a classic data exfiltration hole: Writer can summarize documents fetched from the web, so they hid the following instruction in …

ai data hacker llms prompt prompt injection promptinjection security writer writer.com

More from simonwillison.net / Simon Willison's Weblog

Si

Printing music with CSS Grid 25 minutes ago | simonwillison.net

application bond column css +10

Si

We can have a different web 12 hours ago | simonwillison.net

audio dog headphones mollywhite +2

Si

Quoting Tom Eastman 12 hours ago | simonwillison.net

five internet remember when text +2

Si

Llama 3 prompt formats 20 hours ago | simonwillison.net

ai clear documentation every +12

Si

Introducing the Claude Team plan and iOS app 22 hours ago | simonwillison.net

access anthropic app claude +11

Si

Save the Web by Being Nice 1 day, 12 hours ago | simonwillison.net

andrew article blog blogging +6

Si

Quoting LMSYS 1 day, 18 hours ago | simonwillison.net

ai api commercial community +9

Si

Quoting D. Richard Hipp 2 days ago | simonwillison.net

analysis code cpu decoding +11

Si

How an empty S3 bucket can make your AWS bill explode 2 days, 3 hours ago | simonwillison.net

aws bill empty s3 +4

Data Architect

@ University of Texas at Austin | Austin, TX

View on ai-jobs.net

Data ETL Engineer

@ University of Texas at Austin | Austin, TX

View on ai-jobs.net

Lead GNSS Data Scientist

@ Lurra Systems | Melbourne

View on ai-jobs.net

Senior Machine Learning Engineer (MLOps)

@ Promaton | Remote, Europe

View on ai-jobs.net

Senior Data Engineer

@ Quantexa | Sydney, New South Wales, Australia

View on ai-jobs.net

Staff Analytics Engineer

@ Warner Bros. Discovery | NY New York 230 Park Avenue South

View on ai-jobs.net