Comment by gsnedders
Is there any plan about how to deal with indirect prompt injection attacks that could trivially be lurking in malicious web pages, given the agent can navigate to an arbitrary URL?
Is there any plan about how to deal with indirect prompt injection attacks that could trivially be lurking in malicious web pages, given the agent can navigate to an arbitrary URL?
short-term mediation is always always always run it in a virtual machine with as minimal credentials as possible.