Prompt Injection as Role Confusion

Simon Willison·Simon Willison·Tech·

Prompt Injection as Role Confusion First, I absolutely love this: This is a blog-style writeup of the paper. I wish every paper would come with one of these. Academic writing is pretty dry - the impact of a paper can be so much higher if you publish a readable version to accompany the formal one. Charles Ye, Jasmine Cui, and Dylan Hadfield-Menell present some fascinating research into the challenge of having models distinguish their own privileged text (here wrapped in role tags like <system>, <...

Read full article →

Related Articles

Should I run plain Docker Compose in production in 2026?
pmig · Hacker News · 1mo ago
Computer Use is 45x more expensive than structured APIs
palashawas · Hacker News · 1mo ago
Bun is being ported from Zig to Rust
SergeAx · Hacker News · 1mo ago
Show HN: Tilde.run – Agent sandbox with a transactional, versioned filesystem
ozkatz · Hacker News · 1mo ago
RaTeX: KaTeX-compatible LaTeX rendering engine in pure Rust
atilimcetin · Hacker News · 1mo ago