Summary: The article discusses prompt injection, which is an attack against applications built on top of AI models. It is not an attack against the AI models themselves. The author gives an example of a translation app where the user input overwrites the developer's instructions, resulting in a subverted system. The article also mentions a recent demo that subverts Microsoft Bing's AI product. The author warns that prompt injection can be dangerous when building AI assistants with tools, as they can read and act on emails, making it crucial to address this issue.