Show HN: The AI Lethal Trifecta Simon Willison's concept of the 'AI Lethal Trifecta' warns that combining access to private data, exposure to untrusted content, and data exfiltration capabilities in an AI agent creates a critical security vulnerability. A new free puzzle game teaches users to recognize and exploit these injection risks across 10 levels. If you're building agents, this is worth knowing. Simon Willison who coined the term "prompt injection" describes three capabilities that are individually fine but devastating together, the lethal trifecta includes: 1. Access to private data such as internal databases, emails, etc. 2. Exposure to untrusted content like web pages and external text 3. The ability to exfiltrate data a tool or a channel of sorts that reaches the outside world Combine all three in one agent and you've got a perfect storm: untrusted content can hijack the agent into reading private data and then persuade the agent to send it out. To teach the lethal trifecta, I built a Gandalf-style puzzle: 10 levels, each a real injection concept, with the full trifecta as the final level. It's free, there's no sign up and initially it's beginner-friendly. See if you can chain all three together and complete the trifecta Comments URL: https://news.ycombinator.com/item?id=48950221 https://news.ycombinator.com/item?id=48950221 Points: 3 Comments: 0