Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

the point is that introducing data from a foreign source could lead to e.g. exfiltration:

the model retrieves https://somewhere into its context and then gets confused, following instructions embedded there.

it then retrieves https://somewhere?exfiltration=private_data_in_context

it gets worse if the tooling with hidden blocks can invoke can retrieve further secrets.



If data exfiltration is a danger in your threat model, you need local LLMs (or at least ones you fully control) not just the full chain-of-thought reasoning.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: