AI and Law
Prompt injection: a security flaw is also a compliance duty
Prompt injection can make AI leak data or take unintended actions; weak defenses may breach security duties.
Prompt injection is an AI-specific security risk: attackers use crafted inputs to make a model leak data or take unintended actions. It is both a security and a potential compliance issue.
If weak defenses lead to a personal-data leak, they may trigger data-security duties and notification obligations.
Fold prompt injection into security testing and red-teaming, limit permissions for agent features, and keep defense and response records as evidence of diligence.