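I pulled 50 system prompts from public GitHub repos and tested them for prompt injection vulnerabilities. Average score: 3.7/100. 70% had zero defenses. The best score was 28/100. Here's the full breakdown by attack category.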

📄 English Summary

I pulled 50 system prompts from public GitHub repos and tested them for prompt injection vulnerabilities. Average score: 3.7/100. 70% had zero defenses. The best score was 28/100. Here's the full breakdown by attack category.

A test was conducted on 50 system prompts extracted from public GitHub repositories to evaluate their vulnerabilities to prompt injection attacks. The average score was 3.7 out of 100, with 70% of the prompts showing no defenses against such attacks. Only a few prompts scored above 10, with the highest score being 28 out of 100. These results highlight significant security issues within AI applications, particularly regarding their defenses against potential attacks. Developers need to pay more attention to the security of system prompts and implement better protective measures.
