LLMs are extremely confusable deputies.
- LLMs are extremely confusable deputies.
- In security, one type of vulnerability is the confused deputy.
- A powerful entity is tricked into applying their powers in a way the user didn't intend.
- LLMs are inherently gullible and extremely confusable.
- That means you can't give LLMs that have been provided untrusted input any kind of power.
- That's the core of the prompt injection problem[qj].