Mar 27, 2023 16:00:00

Report that more than 80 'secret plug-ins' were discovered after hacking ChatGPT's API

ChatGPT , an interactive AI developed by OpenAI, has a plugin system ' ChatGPT plugins ' that can add functions such as 'collecting the latest information on the Internet'. Hacker rez0 (@rez0__) reported that he discovered over 80 'secret plugins' by hacking ChatGPT's API.

Hacker Uncovers Secret ChatGPT Plugins in OpenAI API | Deepleaps
https://deepleaps.com/news/hacker-uncovers-secret-chatgpt-plugins-in-openai-api/

ChatGPT is a conversational AI trained and built on vast amounts of text, and its capabilities can be extended using various plugins. For example, 'Browsing' collects the latest information on the Internet that is not included in the training data, 'Code interpreter' adds a Python interpreter to ChatGPT, 'Expedia' specializes in making travel plans, Google Sheets 'Zapier' that works with applications such as , Gmail, etc. is provided as an official plug-in.

Plug-in system ``ChatGPT plugins'' that adds ``function to collect the latest information on the web'' and ``Python execution environment'' to ChatGPT appeared - GIGAZINE

However, rez0 reported that he discovered ``more than 80 secret plugins'' by removing certain parameters from the ChatGPT API calls provided by OpenAI.

This morning I was hacking the new ChatGPT API and found something super interesting: there are over 80 secret plugins that can be revealed by removing a specific parameter from an API call.

The secret plugins include a 'DAN plugin', 'Crypto Prices Plugin', and many more. pic.twitter.com/Q6JO1VLz5x

— ?????????????????? (@rez0__) March 24, 2023

Some of the plugins discovered include 'Crypto Prices Plugin' that allows you to get the price of virtual currency.

Also, there was a plugin called 'DAN plugin' that can personalize ChatGPT.

According to rez0, at the time of reporting, these unreleased plugins could be used by setting match-replace rules through an HTTP proxy. Also, it seems that 'description_for_model (model description)', which is not normally open to users, was also visible via the API.

The api also shows the 'description_for_model' which doesn't need to be exposed to the users. It's interesting to see how the model is told to use the plugins. pic.twitter.com/5vQCd33UX4

— ?????????????????? (@rez0__) March 24, 2023

However, OpenAI reportedly fixed the issue hours after it was reported.

It's already fixed. Kudos @OpenAI !

And to clarify what I said earlier, it's not a client side check. The api either returns the unreviewed plugins or not. There was interesting client side behavior in regards to 'installing' plugins requiring auth to install.

— ?????????????????? (@rez0__) March 24, 2023

Hacker News, a social news site, has become a hot topic about the leak of pre-release plug-ins via API, and there are opinions that OpenAI's claim that 'security is taken seriously' is unreliable. 'I think this is a perfect example of being very smart in some areas and very stupid in others,' one commenter said.

Secret ChatGPT plugins can be revealed by removing a parameter from an API call | Hacker News
https://news.ycombinator.com/item?id=35289085