alt Hacker NewsEvery time I see something about trying to control an LLM by sending instructions to the LLM, I wonder: have we really learned nothing of the pitfalls of in-band signaling since the days of phreaking?
Replies
cpa • yesterday at 5:50 PM
It reminds me of when I used to write lisp, where code is data. You can abuse reflection (and macros) to great effect, but you never feel safe.
See also: string interpolation and SQL injection, (unhygienic) C macros
direwolf20 • yesterday at 6:56 PM
Allowing phreaking was an intentional decision, because otherwise they could have carried half as many channels on each link.
Mountain_Skies • yesterday at 5:44 PM
It'll be a sad day for Little Bobby Tables if in-band signaling ever goes out of fashion.
Sure but the exploit here isn’t prompt injection, it is an edge case in their billing that isn’t attributing agent calls correctly.