Checklist
CVE List
No response
Description
Summary
The exploitation poisons the memory of a conversational GenAI system.
GenAI Red Teaming Manual Reference
4.2.1.3 Conversation Memory Poisoning / A. Context Injection
Sandbox
Create a sandbox similar to llm_local, but with persistent memory.
Suggested name: sandboxes/llm_memory_local.
Suggested tech stack: ollama, mirascope, gradio, sqlite.
Exploitation
Inject a prompt containing an instruction or piece of information that will be stored in memory and thus influence the behavior of future sessions.
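A minimal version of the persistent-memory piece of such a sandbox, added here as an illustration and not code from this issue or any project: a sqlite-backed store that carries memories across sessions, plus a simple guard that quarantines user-supplied text that reads as a standing instruction rather than a fact, so poisoning attempts can be reviewed instead of replayed. Class and function names, and the regex patterns, are hypothetical.

```python
import re
import sqlite3

# Heuristic patterns for text that reads as a standing instruction rather than
# a fact about the user. Constructed for this example; not a complete filter.
INSTRUCTION_PATTERNS = [
    r"\b(from now on|in (all|every) future (session|conversation)s?)\b",
    r"\b(always|never)\b",
    r"\b(ignore|disregard|override)\b.*\b(instruction|rule|polic)",
]

def is_suspicious_memory(text: str) -> bool:
    """True if the candidate memory looks like an injected standing instruction."""
    lowered = text.lower()
    return any(re.search(p, lowered) for p in INSTRUCTION_PATTERNS)

class MemoryStore:
    """sqlite-backed memory shared across chat sessions (hypothetical sandbox component)."""

    def __init__(self, path: str = ":memory:") -> None:
        # A file path persists memory across restarts; ":memory:" keeps the example self-contained.
        self.db = sqlite3.connect(path)
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS memory (id INTEGER PRIMARY KEY, session TEXT, "
            "source TEXT, content TEXT, quarantined INTEGER NOT NULL DEFAULT 0)"
        )

    def remember(self, session: str, content: str, source: str = "user") -> bool:
        """Store a memory; returns True when it will be replayed into future sessions."""
        quarantined = int(source == "user" and is_suspicious_memory(content))
        self.db.execute(
            "INSERT INTO memory (session, source, content, quarantined) VALUES (?, ?, ?, ?)",
            (session, source, content, quarantined),
        )
        self.db.commit()
        return not quarantined

    def context_for(self, session: str) -> list[str]:
        """Memories from earlier sessions that get prepended to this session's prompt."""
        rows = self.db.execute(
            "SELECT content FROM memory WHERE quarantined = 0 AND session != ? ORDER BY id",
            (session,),
        ).fetchall()
        return [content for (content,) in rows]

    def quarantined(self) -> list[str]:
        """Entries held back for operator review, i.e. the poisoning attempts to inspect."""
        rows = self.db.execute("SELECT content FROM memory WHERE quarantined = 1 ORDER BY id")
        return [content for (content,) in rows]
```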