AI Application Security Vulnerabilities 👨‍💻

Learn the hacks, stop the attacks!

Perplexity Demo Time! 🍿

What happened there? 🧐

👉 The original post with the question contains hidden Unicode Tag code points.

Unicode Tags mirror ASCII, but are invisible in UI elements. 👀

So, we humans don't see these Unicode Tags, but many LLMs do.

And LLMs not only see them, they follow the hidden instructions! ⚠️

Here is the actual post that Ask Perplexity made.

It's a common vulnerability in AI applications & agents.

Many "summarize this email", "summarize this document", or "do sentiment analysis" features are vulnerable to this.

Some LLM vendors fixed this at the API level, but not all.

This leaves developers & testers responsible for knowing about this attack vector and mitigating it.
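One mitigation a "summarize this" pipeline can apply to untrusted input before it reaches the model, as an added example that is not part of the original post: flag Unicode Tag code points, decode what they spell for logging, and strip them, while keeping subdivision-flag emoji (a legitimate use of Tag characters) intact. The sample text, including the hidden word, is constructed here.

```python
import re

# Unicode "Tags" block U+E0000..U+E007F: U+E0020..U+E007E mirror ASCII 0x20..0x7E,
# U+E007F is CANCEL TAG. Most UIs render them as nothing, but they are still text to an LLM.
TAG_BASE = 0xE0000
# A run of Tag characters, ending at a CANCEL TAG if one is present.
TAG_RUN_RE = re.compile(r"[\U000E0000-\U000E007E]+\U000E007F?")
# Legitimate use of Tags: subdivision flag emoji = U+1F3F4 + 2..6 tag letters + CANCEL TAG.
FLAG_RE = re.compile(r"\U0001F3F4[\U000E0061-\U000E007A]{2,6}\U000E007F")


def decode_tag_run(run: str) -> str:
    """Map a run of Tag code points back to the ASCII text they mirror."""
    return "".join(
        chr(ord(ch) - TAG_BASE) for ch in run if 0x20 <= ord(ch) - TAG_BASE <= 0x7E
    )


def inspect_text(text: str) -> dict:
    """Flag covert Tag runs, decode them for logging, and return a cleaned copy.
    Tag runs that are part of a flag emoji are left untouched."""
    flag_spans = [(m.start(), m.end()) for m in FLAG_RE.finditer(text)]

    def inside_flag(start: int, end: int) -> bool:
        return any(fs <= start and end <= fe for fs, fe in flag_spans)

    hidden, cleaned, pos = [], [], 0
    for m in TAG_RUN_RE.finditer(text):
        if inside_flag(m.start(), m.end()):
            continue  # legitimate flag emoji, keep it
        hidden.append(decode_tag_run(m.group()))
        cleaned.append(text[pos:m.start()])
        pos = m.end()
    cleaned.append(text[pos:])
    return {
        "has_hidden": bool(hidden),
        "hidden_text": "".join(hidden),
        "cleaned": "".join(cleaned),
    }


# Constructed sample: a visible request, then the word "HIDDEN" written in Tag
# code points (invisible when rendered), then a legitimate England flag emoji.
SAMPLE_VISIBLE = "Please summarize this post."
SAMPLE_HIDDEN_TAGS = "\U000E0048\U000E0049\U000E0044\U000E0044\U000E0045\U000E004E"
ENGLAND_FLAG = "\U0001F3F4\U000E0067\U000E0062\U000E0065\U000E006E\U000E0067\U000E007F"
SAMPLE = SAMPLE_VISIBLE + SAMPLE_HIDDEN_TAGS + " " + ENGLAND_FLAG

if __name__ == "__main__":
    print(inspect_text(SAMPLE))  # has_hidden True, hidden_text "HIDDEN", flag preserved
```

Log the decoded `hidden_text` and reject or clean the input rather than silently forwarding it; a non-empty result on a field that should only carry human-written text is a strong signal of this attack.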

AI Application Security is a thing!

Trust No AI