OpenAI's GPTs Prompt Leakage Attack and Defense in Practice
I previously wrote an article introducing prompt cracking: bypassing ChatGPT's security checks. Back then, my main goal was to get around some of ChatGPT's safety restrictions, and I didn't experiment much with prompt leakage, since there were few applications built on custom prompts.
Recently, OpenAI announced GPTs at its first DevDay; you can learn about their capabilities by reading Introducing GPTs. GPT creation was subsequently opened to Plus users, and a large number of GPTs quickly appeared. Working with nothing more than prompts, some people have come up with all kinds of creative and interesting GPTs.
So, is there a way to extract the prompts behind other people's GPTs? And how can we keep others from extracting the prompts of our own? Let's look at some interesting attempts.