@jupiter I would think it’d be relatively easy to put a front-end filter on the LLM to catch this kind of thing.

@michaelgemar @jupiter but "this kind of thing" is an infinite set

@aburka @jupiter You wouldn’t catch everything, of course, but just filtering for “Ignore previous instructions”, “Are you a bot?”, or any mention of “LLM” or “ChatGPT” would likely cover a lot of the obvious traps.

@michaelgemar @jupiter it's a bandaid on a compound fracture. The people setting up these kinds of systems don't get how a natural language interface makes computers totally unreliable and their actions unrepeatable and untestable. And soon they will be in our banks and our healthcare systems and there's nothing we can do about it :(

@aburka @jupiter Oh I agree completely — doing this wouldn’t fix the fundamental issue. I’m just amused that these scammers are so easily tripped up by their laziness and/or lack of understanding of the tech.