#prompt-security

An r/artificial discussion described how an internal AI tool leaked its detailed system prompt despite explicit instructions not to reveal it. The thread's practical consensus was that prompt text should be treated as public-facing and that sensitive logic belongs in backend code.

A Hacker News thread drew attention to CodeWall's March 9 disclosure on McKinsey's Lilli platform, where an autonomous agent reportedly chained unauthenticated endpoints, SQL injection, and prompt-layer access into full production-database compromise.