Achieving Deterministic Prompt Injection Through Client-Side Feedback Loops
Achieving consistent exploitation of prompt injections using client-side gadgets.
VolumeLeak: Classifier-based Data Exfiltration via Volume Settings
Data exfiltration in Gemini via Android's volume settings, using a classification system.
PhoneLeak: Data Exfiltration in Gemini via Phone Call
Novel data exfiltration in Google Gemini via the Phone tool call.