logoalt Hacker News

mvdtnztoday at 6:53 PM0 repliesview on HN

If that was easy to do then the entire class of prompt injection bugs wouldn't exist. It's actually very difficult. LLMs make no distinction between data and instructions, fundamentally.