If they run across a blog post pointing to it, they might. Did you test that?
Edit: Someone else pointed out, these are probably scrapers for the most part, not necessarily the LLM directly.
If they run across a blog post pointing to it, they might. Did you test that?
Edit: Someone else pointed out, these are probably scrapers for the most part, not necessarily the LLM directly.
It would be foolish to use the LLM directly without a wrapper that detects prompt injection attempts.
I think this is trying to appeal to the sort of agentic/molt-y type systems that recently became popular. Their whole thing is that they can modify their “prompts” in some way.