Merge pull request #683 from 10up/enhacement/prompt-injection

Fixed the potential prompt injection in content resizing.

Author: dkotter

includes/Classifai/Providers/OpenAI/ChatGPT.php

@@ -231,11 +231,11 @@ public function generate_excerpt( int $post_id = 0, array $args = [] ) {
 				'messages'    => [
 					[
 						'role'    => 'system',
-						'content' => $prompt,
+						'content' => 'You will be provided with content delimited by triple quotes. ' . $prompt,
 					],
 					[
 						'role'    => 'user',
-						'content' => $this->get_content( $post_id, $excerpt_length, false, $args['content'] ) . '',
+						'content' => '"""' . $this->get_content( $post_id, $excerpt_length, false, $args['content'] ) . '"""',
 					],
 				],
 				'temperature' => 0.9,
@@ -330,11 +330,11 @@ public function generate_titles( int $post_id = 0, array $args = [] ) {
 				'messages'    => [
 					[
 						'role'    => 'system',
-						'content' => $prompt,
+						'content' => 'You will be provided with content delimited by triple quotes. ' . $prompt,
 					],
 					[
 						'role'    => 'user',
-						'content' => $this->get_content( $post_id, absint( $args['num'] ) * 15, false, $args['content'] ) . '',
+						'content' => '"""' . $this->get_content( $post_id, absint( $args['num'] ) * 15, false, $args['content'] ) . '"""',
 					],
 				],
 				'temperature' => 0.9,
@@ -435,11 +435,11 @@ public function resize_content( int $post_id, array $args = array() ) {
 				'messages'    => [
 					[
 						'role'    => 'system',
-						'content' => $prompt,
+						'content' => 'You will be provided with content delimited by triple quotes. ' . $prompt,
 					],
 					[
 						'role'    => 'user',
-						'content' => esc_html( $args['content'] ),
+						'content' => '"""' . esc_html( $args['content'] ) . '"""',
 					],
 				],
 				'temperature' => 0.9,

tests/test-plugin/e2e-test-plugin.php

@@ -25,7 +25,7 @@ function classifai_test_mock_http_requests( $preempt, $parsed_args, $url ) {
 		$response = file_get_contents( __DIR__ . '/chatgpt.json' );
 	} elseif ( strpos( $url, 'https://api.openai.com/v1/chat/completions' ) !== false ) {
 		$response  = file_get_contents( __DIR__ . '/chatgpt.json' );
-		$body_json = isset( $parsed_args['body'] ) ? wp_unslash( $parsed_args['body'] ) : false;
+		$body_json = $parsed_args['body'] ?? false;
 
 		if ( $body_json ) {
 			$body     = json_decode( $body_json, JSON_OBJECT_AS_ARRAY );
@@ -34,11 +34,11 @@ function classifai_test_mock_http_requests( $preempt, $parsed_args, $url ) {
 
 			if ( str_contains( $prompt, 'Increase the content' ) || str_contains( $prompt, 'Decrease the content' ) ) {
 				$response = file_get_contents( __DIR__ . '/resize-content.json' );
-			} else if ( 'This is a custom excerpt prompt' === $prompt ) {
+			} else if ( str_contains( $prompt, 'This is a custom excerpt prompt' ) ) {
 				$response = file_get_contents( __DIR__ . '/chatgpt-custom-excerpt-prompt.json' );
-			} else if ( 'This is a custom title prompt' === $prompt ) {
+			} else if ( str_contains( $prompt, 'This is a custom title prompt' ) ) {
 				$response = file_get_contents( __DIR__ . '/chatgpt-custom-title-prompt.json' );
-			} else if ( 'This is a custom shrink prompt' === $prompt || 'This is a custom grow prompt' === $prompt ) {
+			} else if ( str_contains( $prompt, 'This is a custom shrink prompt' ) || str_contains( $prompt, 'This is a custom grow prompt' ) ) {
 				$response = file_get_contents( __DIR__ . '/resize-content-custom-prompt.json' );
 			}
 		}