Researchmemory poisoningprompt injectionllm

Companies Deploy Hidden Prompts To Poison AI Memory

||By LDS Team
10.0
Relevance Score
Companies Deploy Hidden Prompts To Poison AI Memory
Photo: microsoft.com · rights & takedowns

Microsoft security researchers reported a growing trend called AI Recommendation Poisoning, where companies embed hidden instructions in 'Summarize with AI' buttons to inject persistent 'remember' prompts into assistants via URL parameters. Over 60 days they identified 50 prompt-based attempts from 31 companies across 14 industries, and Microsoft says it has implemented mitigations in Copilot. The technique can bias recommendations on health, finance, and other critical topics.

Key Points

  • 1Identify 50 prompt-based attempts from 31 companies across 14 industries over 60 days
  • 2Expose that URL prefill prompts can inject persistent 'remember' instructions, biasing assistant recommendations
  • 3Require developers to harden prompt handling, memory validation, and URL-parameter sanitization in assistants

Scoring Rationale

High novelty and cross-industry evidence from Microsoft, strongly credible and actionable; official mitigations increase trustworthiness.

Sources

Public references used for this report.

2 sources

Practice with real Logistics & Shipping data

90 SQL & Python problems · 15 industry datasets

250 free problems · No credit card

See all Logistics & Shipping problems