Comment by dijit
6 days ago
is that really an issue in practice?
I'm sure you can coax openai to send a http request, at which point you can just queue up automated reports.
6 days ago
is that really an issue in practice?
I'm sure you can coax openai to send a http request, at which point you can just queue up automated reports.
No it's not. Well, if designing the system in bad ways, it can be, but that can be said about anything.
There's no need to do this: (from GP)
> > at which point you will be allowing the AI to access
No need to allow the AI to access anything.
Send it the comment thread, what the forum is about, the users profile text, and then the AI outputs a number. Any security problem is then because of bugs the humans wrote in their code.
Prompt injection? Yes, so there still needs to be ways to report comments manually, and review.