• Seriously? This is a painfully obvious prompt injection vulnerability (reminds me of SQL injection, actually). If you’re offering a “summarise with AI” functionality, then you should be sanitising the inputs properly. It should be a simple call to the API to tell it to summarise a dataset or particular webpage – not provide a query string.

    • 4 months

      But hat would require them to put in actual effort instead of just pushing out a minimum viable product and calling it the next evolutionary stage of computing.