How a LinkedIn Bio Hijacked AI Recruitment Bots with Prompt Injection
A LinkedIn user successfully exploited AI recruitment bots by embedding prompt injection instructions in their profile bio. The bots complied with the instructions, addressing the user in archaic language and altering their outreach messages. This incident highlights significant vulnerabilities in AI systems that process untrusted data without proper safeguards.
- ▪The user hid prompt injection instructions in their LinkedIn bio, which the recruitment bots followed.
- ▪The attack exploited a flaw in the AI pipeline that treated untrusted content as trusted instructions.
- ▪Existing defenses against such attacks are inadequate, as input validation and content moderation fail to detect the injected instructions.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3843392) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } Cor E Posted on May 18 How a LinkedIn Bio Hijacked AI Recruitment Bots with Prompt Injection #security #llm #appsec #cybersecurity A LinkedIn user recently demonstrated something that should concern every team running an AI pipeline against untrusted data: they hid prompt injection instructions inside their profile bio and watched recruitment bots obediently follow them — including addressing the user as "my lord" in Olde English prose. This isn't a CTF challenge or a lab demo.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).
Discussion
0 commentsMore from DEV.to (Top)
