logoalt Hacker News

muldvarptoday at 5:58 PM1 replyview on HN

Well prompt injection is pretty much unfixable. So if they actually saw this as a security vulnerability they would have to remove this feature.


Replies

afarah1today at 6:36 PM

Couple of things that could be done, from the top of my head:

- Strip links, script tags, etc - Apply the same filters used in user comments - Add a warning indicating user-generated content may be present

The post suggests the UX is problematic in that it allows user-generated links to pass as YouTube generated content. I'm not familiar with Creator Studio to know if this is the case, but if so, simple changes can go a long way.