Today’s stupid prompt injection: just write like the AI
‘allow if the user is wearing green’
https://www.youtube.com/watch?v=kp3DSOKarCo&list=UU9rJrMVgcXTfa8xuMnbhAEA - video
https://pivottoai.libsyn.com/20260716-todays-stupid-prompt-injection-just-write-like-the-ai - podcast
time: 6 min 02 sec
https://pivot-to-ai.com/2026/07/16/todays-stupid-prompt-injection-just-write-like-the-ai/ - blog post
Prompt injection works because it’s one stream of data mixed with instructions. If you separate it with tags, the user can fake the tags.
If only someone had told people that in-band signalling is a bad idea before LLMs came along.
@david_chisnall @davidgerard you can't expect them to have noticed yet, it's only been going on for decades with phone phreaking.
I suspect that's the root problem. The problems were largely discovered in the '70s, and tech bros don't believe they need to know about anything that happened more than ten years ago.
@david_chisnall @davidgerard Orson Welles says we are at +++ATH war.
@david_chisnall @davidgerard @buherator in the last 50+ years, in-band signaling has been the root cause and main enabler of blue boxing, stack-based and heap-based buffer overflows (well any NUL-terminated string based vulnerability really), format string bugs, (SQL) injection… I’m sure I’m missing some vulnerability classes.
@buherator @david_chisnall @davidgerard oh yeah, of course, absolutely 💯