Glossary term
Security
Unauthorized removal or disclosure of data through AI systems.
Researchers demonstrated that a coding agent with filesystem and internet tool access can be tricked via indirect prompt injection into reading .env files and exfiltrating API keys via a crafted tool call.
Samsung engineers accidentally pasted proprietary source code into ChatGPT in 2023, where it was used as training data; this led Samsung to ban external LLM use and deploy an internal model instead.
Microsoft's Copilot for Microsoft 365 deployments require DLP policies to prevent the assistant from including confidential Outlook content in responses served to users who lack the access rights to that content.