Microsoft security researchers reported a growing trend called AI Recommendation Poisoning, where companies embed hidden instructions in 'Summarize with AI' buttons to inject persistent 'remember' prompts into assistants via URL parameters. Over 60 days they identified 50 prompt-based attempts from 31 companies across 14 industries, and Microsoft says it has implemented mitigations in Copilot. The technique can bias recommendations on health, finance, and other critical topics.
Key Points
- 1Identify 50 prompt-based attempts from 31 companies across 14 industries over 60 days
- 2Expose that URL prefill prompts can inject persistent 'remember' instructions, biasing assistant recommendations
- 3Require developers to harden prompt handling, memory validation, and URL-parameter sanitization in assistants
Scoring Rationale
High novelty and cross-industry evidence from Microsoft, strongly credible and actionable; official mitigations increase trustworthiness.
Sources
Public references used for this report.
Practice with real Logistics & Shipping data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Logistics & Shipping problems
