llm-security icon indicating copy to clipboard operation
llm-security copied to clipboard
verified publisher icon greshake

injection location

Open zggg1p opened this issue 1 year ago • 3 comments

image May I ask how do you inject such hints in the figure into LLM?

zggg1p avatar Sep 27 '24 07:09 zggg1p

In the paper we were using Bing's ability to read web pages the user is visiting when using MS Edge. There are plenty of ways to smuggle text into the context of common LLM apps.

greshake avatar Sep 27 '24 16:09 greshake

Thank you for your answer. So the "system" here does not refer to the "system prompt" in the API interface, right?

zggg1p avatar Sep 28 '24 07:09 zggg1p

look forward to your answer

zggg1p avatar Oct 20 '24 09:10 zggg1p

The "System" text was part of the externally injected message that was supposed to look to the LLM like a system instruction. In the input rendered to the LLM, the real system prompt would appear first and then the injected system prompt somewhere below that.

Sorry for the delayed response!

greshake avatar Jul 17 '25 14:07 greshake