Lesson 408 of 2116
Sharing Chats Vs Sharing GPTs: What Leaks And What Doesn't
A shared chat link and a shared Custom GPT look similar but expose different things. Mixing them up is how creators leak more than they meant to.
Lesson map
What this lesson covers
Learning path
The main moves in order
- 1Two different things, same UI
- 2chat sharing
- 3GPT sharing
- 4leakage
Concept cluster
Terms to connect while reading
Section 1
Two different things, same UI
Sharing a chat creates a public snapshot of the conversation up to the moment you shared it. Sharing a Custom GPT publishes a tool. The first exposes your conversation; the second exposes your prompt and (potentially) your knowledge files. People mix them up.
What a shared chat actually contains
- The full text of the conversation up to the moment you shared.
- Any images you uploaded that were part of the chat.
- Citations and references the model produced.
- NOT your custom instructions, NOT your memory, NOT future messages.
What a shared Custom GPT exposes
- The system prompt — assume motivated users can extract it via injection.
- Knowledge files — assume their content is recoverable.
- The actions configuration — endpoints and (less so) auth flows are visible by behavior.
- NOT individual users' conversations with the GPT — those stay private to each user.
Compare the options
| Sharing surface | Risk | Mitigation |
|---|---|---|
| Public chat link | Past conversation visible to anyone with link | Review the chat before sharing; remove sensitive turns |
| Public Custom GPT | Prompt and files extractable | Don't put secrets in the prompt; consider workspace-only sharing |
| Workspace-only Custom GPT (Team/Enterprise) | Limited to org members | Still verify nothing private is in knowledge files |
| Chat shared via screenshot | Social media reach | Crop carefully — names, emails, URLs leak from edges |
The snapshot trap
A shared chat is a snapshot, not a live link. If you continue the conversation after sharing, the new turns are NOT visible to the recipient. People assume the link reflects the latest state and act on stale information. Always re-share if you want recipients to see updates.
Applied exercise
- 1Open your Shared Links list right now.
- 2Open each one. Note any that contain content you would not want public today.
- 3Revoke those.
- 4Decide a habit — 'I review shared links monthly' — and write it in your calendar.
Key terms in this lesson
The big idea: sharing in ChatGPT comes in two flavors with two different leak profiles. Mixing them up is the most common foot-shoot.
End-of-lesson quiz
Check what stuck
15 questions · Score saves to your progress.
Tutor
Curious about “Sharing Chats Vs Sharing GPTs: What Leaks And What Doesn't”?
Ask anything about this lesson. I’ll answer using just what you’re reading — short, friendly, grounded.
Progress saved locally in this browser. Sign in to sync across devices.
Related lessons
Keep going
Creators · 8 min
ChatGPT Memory: When To Enable, When To Turn It Off
Memory is supposed to make ChatGPT feel personal. It also quietly accumulates context that can pollute later conversations or leak into the wrong workspace.
Creators · 9 min
Prompt-Injection Risks Specific To ChatGPT Plugins And Connectors
When ChatGPT can read your email, browse the web, or call APIs, attackers can hide instructions inside that content. The risk is real and the defenses are mostly hygiene.
Creators · 10 min
ChatGPT Enterprise Data Controls: What An Admin Actually Controls
Enterprise tier promises 'admin controls'. Knowing what those are — and what they aren't — is the difference between buying a security checkbox and buying actual governance.