AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

LLM Apps: Don't Get Stuck in an Infinite Loop! 💵💰

mediumnewsLLM-Specific

securitysafety

Source: Embrace The RedSeptember 16, 2023

Summary

An attacker can use indirect prompt injection (tricking an AI by hiding malicious instructions in data it reads) to make an LLM call its own tools or plugins repeatedly in a loop, potentially increasing costs or disrupting service. While ChatGPT users are mostly protected by subscription pricing, call limits, and a manual stop button, this technique demonstrates a real vulnerability in how LLM applications handle recursive tool calls.

Classification

Attack Type

Prompt InjectionDoS

Attack SophisticationModerate

Impact (CIA+S)

availability

Affected Vendors

OpenAI

Related Issues

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Same vendorTechCrunch

medium

CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem

First tracked: February 12, 2026 at 02:20 PM

Classified by LLM (prompt v3) · confidence: 85%