https://community.isc2.org/t5/Industry-News/When-English-Became-Vulnerable-The-Challenge-of-Prompt/m-p/72464#M7055 <P>Hi All</P><P>&nbsp;</P><P class="">Languages like English have introduced new vulnerabilities in prompt engineering, akin to the issues arising from SQL injection attacks. Telling an LLM to "summarize an article" is as vulnerable as using string concatenation to create an SQL statement. Consider the example below illustrating their similarity:</P><P class="">&nbsp;</P><P class="">See attached document.</P><P class="">&nbsp;</P><P class=""><A href="https://www.linkedin.com/pulse/when-english-became-vulnerable-challenge-prompt-engineering-lee-kocvc/?trackingId=qctUtdBc%2Bn%2BM21UggFbosA%3D%3D" target="_blank" rel="noopener">https://www.linkedin.com/pulse/when-english-became-vulnerable-challenge-prompt-engineering-lee-kocvc/?trackingId=qctUtdBc%2Bn%2BM21UggFbosA%3D%3D</A></P><P class="">&nbsp;</P><P class="">Regards</P><P class="">&nbsp;</P><P class="">Caute_Cautim</P><DIV class=""><DIV class=""><DIV class=""><P>&nbsp;</P></DIV></DIV></DIV> Thu, 25 Jul 2024 20:27:02 GMT Caute_cautim 2024-07-25T20:27:02Z https://community.isc2.org/t5/Industry-News/When-English-Became-Vulnerable-The-Challenge-of-Prompt/m-p/72464#M7055 <P>Hi All</P><P>&nbsp;</P><P class="">Languages like English have introduced new vulnerabilities in prompt engineering, akin to the issues arising from SQL injection attacks. Telling an LLM to "summarize an article" is as vulnerable as using string concatenation to create an SQL statement. Consider the example below illustrating their similarity:</P><P class="">&nbsp;</P><P class="">See attached document.</P><P class="">&nbsp;</P><P class=""><A href="https://www.linkedin.com/pulse/when-english-became-vulnerable-challenge-prompt-engineering-lee-kocvc/?trackingId=qctUtdBc%2Bn%2BM21UggFbosA%3D%3D" target="_blank" rel="noopener">https://www.linkedin.com/pulse/when-english-became-vulnerable-challenge-prompt-engineering-lee-kocvc/?trackingId=qctUtdBc%2Bn%2BM21UggFbosA%3D%3D</A></P><P class="">&nbsp;</P><P class="">Regards</P><P class="">&nbsp;</P><P class="">Caute_Cautim</P><DIV class=""><DIV class=""><DIV class=""><P>&nbsp;</P></DIV></DIV></DIV> Thu, 25 Jul 2024 20:27:02 GMT https://community.isc2.org/t5/Industry-News/When-English-Became-Vulnerable-The-Challenge-of-Prompt/m-p/72464#M7055 Caute_cautim 2024-07-25T20:27:02Z https://community.isc2.org/t5/Industry-News/When-English-Became-Vulnerable-The-Challenge-of-Prompt/m-p/72747#M7093 You’re right that prompt engineering can have vulnerabilities similar to SQL injection, especially when commands are crafted poorly. Just as SQL queries can be manipulated through unsafe practices, prompts to LLMs can be exploited if not designed carefully. It’s crucial to be mindful of how prompts are structured to avoid unintended behaviors and ensure secure and accurate responses from language models. Addressing these issues involves developing more robust and secure methods for prompt engineering. Fri, 02 Aug 2024 17:56:03 GMT https://community.isc2.org/t5/Industry-News/When-English-Became-Vulnerable-The-Challenge-of-Prompt/m-p/72747#M7093 leefarrellhelps 2024-08-02T17:56:03Z