Ask HN: What is the state of prompt injection attacks and best practices?
I am curious about the state of prompt injection attacks on frontier models. Are they still vulnerable? For example, is it safe to let Claude Code look at user-submitted data if it also helps manage some of the infrastructure or code? Can they just be asked to identify prompt injection attacks and flag and ignore them, or do injection attacks change the models' behavior despite the owner's prompts? What are best practices?
No comments yet.