Willison, who coined the term “prompt injection” in 2022, is always on the lookout for LLM vulnerabilities. In his post, he notes that reading system prompts reminds him of warning signs in the real world that hint at past problems. “A system prompt can often be interpreted as a detailed list of all of the things the model used to do before it was told not to do them,” he writes.
Fighting the flattery problem Credit: alashi via Getty Images
Willison’s analysis comes as AI companies grapple with sycophantic behavior in their models. As we
→ Continue reading at Ars Technica