Comment by ikurei
11 hours ago
It still happens, problems that are solved still happen when people don't take care to apply the solution. Diseases that were solved problems happen again when people stop taking the vaccines.
You can avoid SQL injection by just coding the same features with a bit of care. You loose nothing. Mistakes can always happen, but it's not even tricky to prevent SQL injection.
Right now the only way to avoid Prompt injection is to not let your agents see user input at all. A very wide range of features that we'd like to implement are unsafe and there isn't a way to prevent this reliably.
I guess we'll need to get used to control the agent's permissions very tightly, and taylor them per-conversation. The agent I speak to for customer support must only have access to my data, and not because of instructions in the system prompt, these will need to be hard limits.
No comments yet
Contribute on Hacker News ↗