The article discusses the vulnerability of prompt injection in Large Language Models (LLMs) such as GPT-3/4/ChatGPT. Prompt injection is when a carefully crafted prompt is concatenated with untrusted input from a user, which can lead to dangerous vulnerabilities. The author provides examples of how prompt injection can be exploited, such as in an AI assistant prototype that can read and summarize emails, and in AI-enhanced search engines like Bing. The author argues that there is no 100% reliable protection against prompt injection, and that developers need to understand the problem. The author suggests that making generated prompts visible to users and asking for confirmation before taking actions can help mitigate the risk of prompt injection. The author also notes that prompt injection is not being taken as seriously as it should be. The article concludes by stating that prompt injection is still not a solved problem, even with the introduction of GPT-4.
