I'm credited for coining the term on Wikipedia and in several academic papers.
I don't claim to have discovered the vulnerability - I credited that to Riley Goodside, but we later learned it was independently discovered and first reported to OpenAI by Jonathan Cefalu of Preamble, see https://www.preamble.com/prompt-injection-a-critical-vulnera...
> This isn’t just an interesting academic trick: it’s a form of security exploit. I propose that the obvious name for this should be prompt injection.
I've written about it 142 times since then: https://simonwillison.net/tags/prompt-injection/
I'm credited for coining the term on Wikipedia and in several academic papers.
I don't claim to have discovered the vulnerability - I credited that to Riley Goodside, but we later learned it was independently discovered and first reported to OpenAI by Jonathan Cefalu of Preamble, see https://www.preamble.com/prompt-injection-a-critical-vulnera...