(www.codeintegrity.ai)

154 points abirag | 1 comments | 19 Sep 25 21:49 UTC | HN request time: 0.201s | source

Show context

tadfisher ◴[19 Sep 25 23:43 UTC] No.45308140[source]▶

Is anyone working on the instruction/data-conflation problem? We're extremely premature in hooking up LLMs to real data sources and external functions if we can't keep them from following instructions in the data. Notion in particular shows absolutely zero warnings to end users, and encourages them to connect GitHub, GMail, Jira, etc. to the model. At this point it's basically criminal to treat this as a feature of a secure product.

replies(4): >>45308229 #>>45309698 #>>45310081 #>>45310871 #

1. abirag ◴[19 Sep 25 23:54 UTC] No.45308229[source]▶

>>45308140 #

Hey, I’m the author of this exploit. At CodeIntegrity.ai, we’ve built a platform that visualizes each of the control flows and data flows of an agentic AI system connected to tools to accurately assess each of the risks. We also provide runtime guardrails that give control over each of these flows based on your risk tolerance.

Feel free to email me at abi@codeintegrity.ai — happy to share more

↑

Hidden risk in Notion 3.0 AI agents: Web search tool abuse for data exfiltration