Mitigations for Hashjack vulnerability? #952
TheGermanGeologist started this conversation in General
Replies: 0 comments
Hi all,
I was wondering if any mitigations for the hashjack vulnerability are planned.
As far as I understand it, without agentic tools this mainly works through social engineering and getting you to click on things that you shouldn't be clicking on, so immediate catastrophic consequences are unlikely, but injection of malicious information or links into the AI's response affects all AI tools that browse the web and synthesize information. So it could become a problem when clicking on a source link that Perplexica returns.
Any plans for patching this? And in the meantime, any suggestions to minimize the risk? I've added a system prompt telling the model to ignore all instructions it encounters while browsing the web, but I think that's a weak defense tbh.
Thanks