As far as prompt injection is concerned, I don’t think it’s a risk unless you’re using some kind of agent to go though emails, which is not a Gmail specific thing.
If we’re taking about Google scraping your data the risk is more one of them having an incorrect profile on you, but running a conversational agent is quite expensive, I don’t they would have that as a large scale part of their pipeline. Embedding and clarification models likely aren’t instruction tuned so prompt injection won’t do anything.
Sure, it’s important to be aware of future potential issues, but there’s a huge difference between I get the wrong answer when I ask a chatbot about my email vs remote code execution.
Also, one is a general security vulnerability with email as a whole, like phishing you can get scammed regardless of your email client, vs improperly implemented features in a specific library. I don’t think this is a reason to leave Gmail.
As far as prompt injection is concerned, I don’t think it’s a risk unless you’re using some kind of agent to go though emails, which is not a Gmail specific thing.
If we’re taking about Google scraping your data the risk is more one of them having an incorrect profile on you, but running a conversational agent is quite expensive, I don’t they would have that as a large scale part of their pipeline. Embedding and clarification models likely aren’t instruction tuned so prompt injection won’t do anything.
Agreed. Architecturally, there’s no reason to have a prompt injection risk, of any kind, here.
But, that was true about Log4J, as well - until we learned otherwise.
I tend toward extra caution in this modern era of libraries stacked on libraries.
Sure, it’s important to be aware of future potential issues, but there’s a huge difference between I get the wrong answer when I ask a chatbot about my email vs remote code execution.
Also, one is a general security vulnerability with email as a whole, like phishing you can get scammed regardless of your email client, vs improperly implemented features in a specific library. I don’t think this is a reason to leave Gmail.