It’s undeniable that 2023 has been a year of technological breakthroughs. The beginning of the year brought us the astounding ChatGPT, and as we approach the end, Google Gemini has sparked our imagination once again.

According to Google’s official introduction, Gemini is the first model to surpass human experts in MMLU (Massive Multitask Language Understanding). Its capabilities in reasoning, mathematics, and coding also surpass those of GPT-4. Moreover, it’s a multimodal model that can simultaneously process text, images, sound, and video, with evaluation scores higher than GPT-4V.

Previously, I created a tool for Lawyer Xiao Sheng to regularly screen posts online and determine if they are legal consultation-related. This requires text classification to judge whether the specified post content involves legal issues. As a backend developer with no experience in natural language processing, I only had a basic understanding of machine learning principles from my studies, but had never actually done a classification task. Fortunately, with ChatGPT now available, I decided to use its API for classification.

I previously wrote an article introducing prompt cracking: bypassing ChatGPT’s security checks. At that time, the main purpose was to bypass some security restrictions when using ChatGPT. I didn’t try much with prompt leakage because there weren’t many applications with custom prompts at that time.

Recently, OpenAI announced GPTs at their first DevDay. You can learn about GPTs’ capabilities by reading Introducing GPTs. Subsequently, GPT creation permissions were opened to Plus users, and a large number of GPTs emerged. With the same prompt words, some people have created interesting GPTs in various ways.

So, is there any way to obtain the prompts of others’ GPTs? And how can we prevent others from getting the prompts of our own GPTs? Let’s look at some interesting attempts.