Found a real case of plugin innate security/privacy breaches

As a responsible user, I won’t discuss about the actual case, of course. Since this is not a technical loophole of ChatGPT, I’d like to point out the security weakness conceptually.

Suppose you install two plugins DrSmithPlugin and DrJohnsonPlugin. Most of you don’t want to disclose your chats with your doctor to another stranger doctor. Also, if you are so unlucky in your divorce proceedings (bless your heart, stay married :grinning:), you wouldn’t probably want to share your conversations with HusbandLawyerPlugin with WifeLawyerPlugin.

It is an innate problem: you either give the ChatGPT free will to route your messages to maximize its intelligence, or withhold that free will to diminish its potential.

Right now, the only workaround for me is to advise my users of enabling just one plugin at a time so that the users would make an informed decision of whether they would trust that plugin or not.

1 Like

I’ve not worked or used the plugins much, but is there actually a case of there being intermingling of data between different applications ?

Considering that each API call made to the model is independent of the session or any other calls being made. I doubt this might be the case or am I completely wrong ?

1 Like