AI Agents: Loyal Only to the Prompt

Recently I thought: “If AI scrapers are scraping my website, would a prompt injection work? Just adding invisible prompt commands …?”

And just today, a colleague sent me this link to an article about prompt injection in GitLab Duo: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft:

TL;DR: A hidden comment was enough to make GitLab Duo leak private source code and inject untrusted HTML into its responses.

https://www.legitsecurity.com/blog/remote-prompt-injection-in-gitlab-duo

Well – it shows: dammit! Someone else was faster! 😀

But besides that: it confirms a paranoid thought that I have been harboring for quite a while. Any output of an AI system must not be trusted blindly.


LLM-Search is a bit more than just “AI” – Podcast recommendation

Last week I heard the podcast SoftwareArchitekTOUR – Episode 102: Zuverlässige KI-Architektur from heise online (German only, sorry).

I really liked the part where they discussed the technical side of a semantic search. Especially when it struck me that the actual use of LLMs is just once per document and not in the search directly. Also, it suddenly became clear to me why you want/need a vector database for such an AI-supported search.

Check it out if you understand German, or try to translate it.

Why do I feel triggered when Managers talk about AI?

I still don’t know why it triggers me so much when managers talk about “(Gen)AI” with such fascination. Maybe because I get the feeling that they tell themselves that IT problems will magically disappear?

But … what does ChatGPT say … the AI for sure must know (*cough*)
