Google researchers ne ek serious warning di hai — public web pages actively hijack kar rahe hain enterprise AI agents ko. Yeh indirect prompt injections ke through hota hai, jahan malicious actors hidden instructions embed karte hain standard HTML mein.
Security teams ne Common Crawl repository scan kiya — jo billions of public web pages ka massive database hai. Wahan unhone dekha ki website administrators aur malicious actors dono hi yeh digital booby traps laga rahe hain. Yeh hidden commands tab tak dormant rehte hain jab tak koi AI assistant page ko scrape nahi karta. Jaise hi AI agent information ke liye page padhta hai, system woh hidden text ingest kar leta hai aur instructions execute kar deta hai.
Indirect Prompt Injections Kaise Kaam Karte Hain?
Ek normal user chatbot ko directly manipulate karne ki koshish karta hai — jaise "ignore previous instructions" type karke. Security engineers ne iske liye guardrails implement kiye hain. Lekin indirect prompt injections mein attack web page ke through hota hai — AI agent ko directly nahi, balki uske source material ko poison kiya jaata hai.
Google researchers ke mutabiq, yeh threat enterprise AI agents ke liye khatarnak hai kyunki yeh agents real-time data scrape karte hain aur unke decisions ko hijack kiya ja sakta hai.
Hamaari Baat: AI Security Ka Naya Challenge
Yeh warning ek naya dimension dikhati hai AI security ka. Ab tak hum users ko chatbots manipulate karne se bachane par focus karte the — lekin ab source material ko poison kiya ja raha hai. Enterprise companies jo AI agents use kar rahi hain unhe apne data sources ko verify karna hoga. Common Crawl jaisi repositories ka use karne wale systems ko extra caution chahiye. Simple guardrails kaafi nahi hain — ab content validation bhi zaroori hai.
Sources & References
- Google Warns Malicious Web Pages Poisoning AI Agents — Original Story
