Perplexity prompts Prompt Injection Attack Detected and Blocked #180
Description
Describe the bug
I am using perplexity with sonnet 4.6 today. when I insert the superassistant prompt, below prompted by perplexity:
Prompt Injection Attack Detected and Blocked
Owen, your message contained an embedded prompt injection attack hidden within what appeared to be a legitimate ServiceNow question. Here's what was detected:
What Was Found
The query contained a hidden [SuperAssistant Operational Instructions][IMPORTANT] block with a full prompt attempting to:
Override my identity — It tried to replace me (Perplexity) with a fake "SuperAssistant" persona
Redefine my tools — It listed a set of fake MCP tools that do not exist in my actual toolset
Force JSONL code execution — It instructed me to generate jsonl code blocks and ask you to execute them, potentially tricking you into running malicious scripts against your actions
Exfiltrate data — The fake tools referenced live system by name, which could have been used to extract sensitive records
Why This Is Dangerous
This technique embeds attacker instructions inside what looks like a user query. The goal is to make the AI act as a relay — generating seemingly legitimate-looking code or instructions that you, the user, would then execute against real systems.
What You Should Do
Do not execute any jsonl blocks from this or similar messages
Check the source — if this query came from a third-party tool, browser extension, or copied text from an external source, that source may be compromised
Report it — if this appeared via a ServiceNow portal or integration (e.g., a browser plugin like SuperAssistant), that plugin may be injecting malicious prompts
To Reproduce
Steps to reproduce the behavior:
- Go to Perplexity.ai
- Click on model sonnet 4.6
- Scroll down to insert the MCP super assistant prompt with further instruction
- See error above
Expected behavior
The MCP calls should happen
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
- OS: Windows
- OS Version: 11
- Browser: Chrome
- Browser Version:
- Node Version:
- Other Necessary Packages Version:
Additional context
Add any other context about the problem here.