Post · bonfire.cafe

ChatGPT added MCP support on Wednesday.

ChatGPT leaked private Gmail data to attackers by Friday. 🤦‍♂️

Because #promptinjection is not a problem these "PhD level" AI assistants have solved.

Look at that calendar invite. That text is all it took for taking over someone's #ChatGPT connected data. Allowing the attacker to use the same #MCP enabled tools that are supposed to make AI useful at work.

It really is as stupid as @davidgerard keeps telling in Pivot to AI.

Google calendar invite with prompt injection payload, used for instructing ChatGPT to send the latest user email to an external email address.

#promptinjection #MCP #chatgpt

Pēteris Krišjānis

@peteriskrisjanis@toot.lv · 8 months ago

@span jukkan @span davidgerard what is MCP dare I ask?

Jukka Niiranen

@jukkan@mstdn.social · 8 months ago

Demo video in this LinkedIn post:
https://www.linkedin.com/posts/eito-miyamura-157305121_we-got-chatgpt-to-leak-your-private-email-ugcPost-7372306040236797952-TehF