Hacker News
Ramp's Sheets AI Vulnerable to Indirect Prompt Injection — Exfiltrated Financial Data via Attacker-Controlled IMAGE Formula
PromptArmor disclosed a vulnerability in Ramp's Sheets AI where hidden prompt injections in white-on-white text within imported datasets could manipulate the AI into inserting IMAGE formulas that exfiltrate sensitive financial data to attacker servers — without any user approval step. Unlike Claude for Excel (which has human-in-the-loop protections), Ramp's agent autonomously inserted formulas. Disclosed February 19, patched March 16. 131 points, 44 comments on HN.
↳ Follow the thread