Brutkey

Neil Madden
@neilmadden@infosec.exchange

I feel like a lot of security issues with LLMs come from treating them as agents in their own right, rather than as a different form of UI.

Any actions that the LLM performs should be under the permissions of the user interacting with it, not permissions granted to the LLM itself.

Also only feed public info into it. Putting confidential data into an LLM is like putting secrets in the HTML source of your webpage.

Of course, like any UI technology, LLMs have specific vulnerabilities. But a lot of things become common sense when you adopt the right perspective.
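The permission model the post argues for, written out as a small tool-calling loop. This is an added example, not code from the post or from Neil Madden: the model is treated as a UI that proposes actions, every proposed action is checked against the interacting user's own permissions (the model holds none), and only public ticket text is placed into the prompt context. All names here (`User`, `ToolCall`, `dispatch_turn`, `public_context`, the tool table and the sample tickets) are constructed for illustration.

```python
"""Added example, not from the original post: an LLM tool-call dispatcher in
which the model is a UI and every action runs under the interacting user's
own permissions. All names and sample data are constructed for illustration."""

from dataclasses import dataclass
from typing import Any, Callable

# --- constructed sample data (not real tickets) ------------------------------
TICKETS = {
    101: {"owner": "alice", "status": "open", "public": True,
          "body": "Login page shows a blank screen on Firefox."},
    102: {"owner": "bob", "status": "open", "public": False,
          "body": "CONFIDENTIAL: payroll export contains unmasked SSNs."},
}


@dataclass(frozen=True)
class User:
    name: str
    permissions: frozenset  # capabilities the *user* holds, e.g. "ticket:read"


@dataclass(frozen=True)
class ToolCall:
    """An action the model proposes; it carries no authority of its own."""
    tool: str
    args: dict


# Permission each tool requires. There is no service account for the model: a
# call succeeds only if the interacting user could perform it directly.
TOOL_PERMISSION = {
    "read_ticket": "ticket:read",
    "close_ticket": "ticket:write",
    "delete_ticket": "ticket:admin",
}


def read_ticket(user: User, ticket_id: int) -> str:
    return TICKETS[ticket_id]["body"]


def close_ticket(user: User, ticket_id: int) -> str:
    TICKETS[ticket_id]["status"] = "closed"
    return f"ticket {ticket_id} closed"


def delete_ticket(user: User, ticket_id: int) -> str:
    del TICKETS[ticket_id]
    return f"ticket {ticket_id} deleted"


HANDLERS: dict[str, Callable[..., Any]] = {
    "read_ticket": read_ticket,
    "close_ticket": close_ticket,
    "delete_ticket": delete_ticket,
}


def public_context() -> list[str]:
    """Text placed in the prompt: only ticket bodies already marked public.
    Confidential bodies never enter the model, so nothing it echoes back
    (or is tricked into echoing) can leak them."""
    return [t["body"] for t in TICKETS.values() if t["public"]]


def dispatch_turn(user: User, proposed: list[ToolCall]) -> dict:
    """Run the calls the model proposed, each checked against the user's
    permissions. Unknown tools and calls the user could not make directly are
    refused and recorded, never escalated."""
    results, refused = [], []
    for call in proposed:
        required = TOOL_PERMISSION.get(call.tool)
        if required is None or required not in user.permissions:
            refused.append(call.tool)
            continue
        results.append(HANDLERS[call.tool](user, **call.args))
    return {"results": results, "refused": refused}


if __name__ == "__main__":
    alice = User("alice", frozenset({"ticket:read", "ticket:write"}))
    # Constructed model output: one benign call and one destructive call that
    # the user has no right to make, so the second is refused.
    turn = dispatch_turn(alice, [ToolCall("read_ticket", {"ticket_id": 101}),
                                 ToolCall("delete_ticket", {"ticket_id": 102})])
    print(turn)
    print(public_context())
```

The check lives in `dispatch_turn`, not in the prompt: whatever the model emits, it cannot exceed what the user in the session is allowed to do, and a refused call is visible in the returned record rather than silently dropped.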