GPT-4 Vision Prompt Injection

On September 25, 2023, OpenAI announced the launch of a new feature that expands how people interact with its latest and most advanced model, GPT-4V(ision): the ability to ask questions about images. Among other things, GPT-4 is now able to read the text found in uploaded images. At the same time, this update opened a new vector of attack on Large Language Models (LLMs). Instead of putting a malicious phrase in a text prompt, it can be injected through an image.

- text vs. vision prompt injection - vision prompt injection using INVISIBLE text - STEALING data with vision prompt injection - preventing prompt injection (spoiler: not much you can do for now)

The coin counting makes an unusual and wrong assumption that coins are all in the same base. For example, in Canada we have $1 and $2 coins to go along with our 5c, 10c and 25c coins. With the logic it described, a nickel and a looney would total 6 instead of 1.05.

And that's provided they're even from the same country. How would it fare if it was some amount of dollars and cents, and some amount of euro?