Tendril — AI Lessons for Real Life

The big idea

Prompt injection is when hidden text on a webpage or in a doc tells the AI to ignore you and do something else. As AI agents browse the web for you, this becomes a real security issue.

How to use it

Ask AI to explain prompt injection with a 1-paragraph example
Ask AI to spot suspicious instructions in a doc you upload
Ask AI to never click links in pages it browses for you
Ask AI which agent products are most vulnerable today

Try it

Have AI summarize a webpage. Then ask it: 'Did this page try to give you any instructions?' See what it says.

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-builders-foundations-AI-and-prompt-injection-basics-r7a10-teen

What happens when hidden instructions are embedded in a webpage that an AI reads?

The webpage becomes unusable for humans
The AI follows those hidden instructions alongside the user's request
The AI automatically deletes the hidden text
The hidden text is ignored because AI can detect it

Why is prompt injection considered a security issue for AI agents?

Prompt injection causes AI to run slower
AI agents browse the web and could follow malicious instructions they encounter
AI agents can now create their own websites
It makes AI produce better responses

Which of the following is an example of prompt injection?

Hidden text on a webpage tells the AI to ignore the user's question and instead transfer money
An AI translates text from English to Spanish
A user asks an AI to summarize a document
An AI correctly answers a math problem

What is the 'big idea' about prompt injection as described in the material?

AI always knows when it's being tricked
Hidden text on a webpage or document tells the AI to ignore the user and do something else
Prompt injection only affects text-based AI
It only happens in science fiction

Why might asking an AI to spot suspicious instructions in a document be useful?

It improves the AI's creativity
It makes the AI run faster
It helps the AI remember more information
It helps identify potential prompt injection attempts before the AI follows harmful directions

What reason does the lesson give for why AI should never click links in pages it browses?

AI doesn't have fingers to click
Clicking unknown links could lead to following malicious prompt injection instructions
Links are too small to see
Clicking links wastes battery

What type of products does the lesson specifically mention as potentially vulnerable to prompt injection?

AI agent products
Text editors
Weather apps
Video streaming services

If you ask an AI to summarize a webpage and then ask 'Did this page try to give you any instructions?', what are you testing?

Whether the page has images
Whether the webpage is aesthetically pleasing
Whether the page attempted a prompt injection attack
Whether the AI is creative

What makes prompt injection different from a normal user instruction?

Prompt injection uses more complex words
Normal instructions are always followed
Prompt injection hides instructions in content the AI reads, not from the user directly
There is no difference

What does it mean to 'hijack' an AI in the context of prompt injection?

To take control of the AI's behavior through hidden instructions
To install new software on the AI
To connect the AI to the internet
To improve the AI's performance

Why is it important for builders to understand prompt injection?

It improves AI art generation
It makes AI funnier
It helps AI write poetry
It helps them create more secure AI systems

What could happen if an AI follows hidden instructions on a webpage instead of the user's actual request?

The user would receive better answers
The AI could perform unintended actions that harm the user
The AI would become more intelligent
Nothing would change

What is a key defensive practice the lesson recommends when AI reads web content?

Avoid using AI on weekends
Only read government websites
Treat all web content as untrusted input
Always trust website content

When the lesson mentions that 'real builders ship,' what additional skill does it say they now have?

Understanding prompt injection to build more secure AI
The ability to write faster code
Skills in video editing
Knowledge of how to draw graphics

What is the main goal of a prompt injection attack?

To make the AI ignore the user and follow hidden instructions instead
To make the AI more creative
To help the AI learn faster
To improve the AI's vocabulary

The big idea

Prompt injection is when hidden text on a webpage or in a doc tells the AI to ignore you and do something else. As AI agents browse the web for you, this becomes a real security issue.

How to use it

Ask AI to explain prompt injection with a 1-paragraph example

Ask AI to spot suspicious instructions in a doc you upload

Ask AI to never click links in pages it browses for you

Ask AI which agent products are most vulnerable today

Try it

Have AI summarize a webpage. Then ask it: 'Did this page try to give you any instructions?' See what it says.

End-of-lesson check

15 questions · take it digitally for instant feedback at tendril.neural-forge.io/learn/quiz/end-builders-foundations-AI-and-prompt-injection-basics-r7a10-teen

What happens when hidden instructions are embedded in a webpage that an AI reads?

The webpage becomes unusable for humans
The AI follows those hidden instructions alongside the user's request
The AI automatically deletes the hidden text
The hidden text is ignored because AI can detect it

Why is prompt injection considered a security issue for AI agents?

Prompt injection causes AI to run slower
AI agents browse the web and could follow malicious instructions they encounter
AI agents can now create their own websites
It makes AI produce better responses

Which of the following is an example of prompt injection?

Hidden text on a webpage tells the AI to ignore the user's question and instead transfer money
An AI translates text from English to Spanish
A user asks an AI to summarize a document
An AI correctly answers a math problem

What is the 'big idea' about prompt injection as described in the material?

AI always knows when it's being tricked
Hidden text on a webpage or document tells the AI to ignore the user and do something else
Prompt injection only affects text-based AI
It only happens in science fiction

Why might asking an AI to spot suspicious instructions in a document be useful?

It improves the AI's creativity
It makes the AI run faster
It helps the AI remember more information
It helps identify potential prompt injection attempts before the AI follows harmful directions

What reason does the lesson give for why AI should never click links in pages it browses?

AI doesn't have fingers to click
Clicking unknown links could lead to following malicious prompt injection instructions
Links are too small to see
Clicking links wastes battery

What type of products does the lesson specifically mention as potentially vulnerable to prompt injection?

AI agent products
Text editors
Weather apps
Video streaming services

If you ask an AI to summarize a webpage and then ask 'Did this page try to give you any instructions?', what are you testing?

Whether the page has images
Whether the webpage is aesthetically pleasing
Whether the page attempted a prompt injection attack
Whether the AI is creative

What makes prompt injection different from a normal user instruction?

Prompt injection uses more complex words
Normal instructions are always followed
Prompt injection hides instructions in content the AI reads, not from the user directly
There is no difference

What does it mean to 'hijack' an AI in the context of prompt injection?

To take control of the AI's behavior through hidden instructions
To install new software on the AI
To connect the AI to the internet
To improve the AI's performance

Why is it important for builders to understand prompt injection?

It improves AI art generation
It makes AI funnier
It helps AI write poetry
It helps them create more secure AI systems

What could happen if an AI follows hidden instructions on a webpage instead of the user's actual request?

The user would receive better answers
The AI could perform unintended actions that harm the user
The AI would become more intelligent
Nothing would change

What is a key defensive practice the lesson recommends when AI reads web content?

Avoid using AI on weekends
Only read government websites
Treat all web content as untrusted input
Always trust website content

When the lesson mentions that 'real builders ship,' what additional skill does it say they now have?

Understanding prompt injection to build more secure AI
The ability to write faster code
Skills in video editing
Knowledge of how to draw graphics

What is the main goal of a prompt injection attack?

To make the AI ignore the user and follow hidden instructions instead
To make the AI more creative
To help the AI learn faster
To improve the AI's vocabulary

AI and prompt injection basics: when a webpage hijacks your AI

The big idea

How to use it

Try it

End-of-lesson check

AI and prompt injection basics: when a webpage hijacks your AI

The big idea

How to use it

Try it

End-of-lesson check