Notion shipped a number of cool AI features last Thursday.
- Notion shipped a number of cool AI features last Thursday.
- But it's like they didn't think about prompt injection at all.
- CodeIntegrity found significant data exfiltration risks due to prompt injection, and published the results the very next day.
- With Notion's lax treatment of MCP, the opportunity for malicious content to trigger these issues will grow significantly.
- It feels reckless to me that they rolled this out in this state.