Prompt Injection in LLM Agents (ReAct, Langchain)

Prompt Injection in LLM Agents (ReAct, Langchain)

Donato Capitella

11 месяцев назад

4,096 Просмотров

In this video I’ll cover an article on prompt injection attacks against LLM-powered agents. The article is titled “Synthetic Recollections” and I published it on WithSecure Labs research blog, you can check it out at the link below.

Series website: https://llm-chronicles.com/

🖹 Download the mindmap for this episode here:
- Prompt Injection in LLM Agents: https://llm-chronicles.com/pdfs/prompt-injection-llms-react-agents.pdf

🕤 Timestamps:
00:00 - Introduction
00:16 - Prompt Injection Demo
01:32 - Table of Contents
02:09 - Language Models
03:04 - Injection Attacks (SQL, Prompt)
05:45 - Emergent Abilities (Chain of Thought Reasoning, Reason+Act)
07:12 - The ReAct Loop (Agent, Executor, Tools)
09:10 - ReAct Agent in Action
13:29 - Thought/Action/Observation Injection in ReAct Agents
16:08 - Building Secure LLM Agents (OWASP Top Ten for LLMs)


📚 References & Acknowledgements:
- Synthetic Recollections: https://labs.withsecure.com/publications/llm-agent-prompt-injection
- Prompt injection: What’s the worst that can happen?: https://simonwillison.net/2023/Apr/14/worst-that-can-happen/
- A simple Python implementation of the ReAct pattern for LLMs: https://til.simonwillison.net/llms/python-react-pattern
- OWASP Top Ten for LLMs: https://llmtop10.com/
- Chain-of-Thought Prompting Elicits Reasoning in Large Language Models: https://arxiv.org/abs/2201.11903
- ReAct: Synergizing Reasoning and Acting in Language Models: https://arxiv.org/abs/22
Ссылки и html тэги не поддерживаются


Комментарии: