A real prompt-injection case — and the blind spot it exposed in my own scanner
A prompt injection vulnerability was discovered in GitLab Duo, where malicious instructions could be hidden within project content using encoding techniques like Unicode smuggling and Base16. Researchers at Legit Security demonstrated this exploit, which was subsequently patched by GitLab. This case highlights a blind spot in deterministic scanners, like the one developed by the author, which may fail to detect such encoded or split system prompt leaks. AI
IMPACT Highlights the ongoing challenge of securing AI systems against sophisticated prompt injection attacks and the need for more robust detection methods.