the agent detected and refused the injection on first contact
Shame. Prompt needs more work.
Maybe instead of deleting the code, it should do something more subtle… like telling the agent to generate (even more) mountains of code and introduce subtle bugs, crashes, and sleeps.
That person used a frontier model which runs on the cloud. Plus, Claude is specifically made for coding, which probably has safeguards for this type of prompt injection.
Other models may or may not fare better in this regard.
GitHub issue about this: https://github.com/jqwik-team/jqwik/issues/708#issuecomment-4554650392