Post 82 - AI sucks

24 Dec 2025

Day 8 Prompt Injection Sched-yule conflict

Common risks to LLMs include:

• Prompt injection
• Jailbreaking
• Data poisoning

All are ways that attackers shape prompts or data to force the model to produce unsafe or unintended results.

Agentic AI gives LLMs the ability to plan, act, and interact with the outside world. This includes:

• Planning multi-step plans to accomplish goals
• Act on things by running tools, calling APIs, copying fies, etc.
• Watch and adapt strategy when things fail or new knowledge is discovered

ReAct Prompting & Context-Awareness

Agenting AI uses chain-of-thought (CoT) reasoning to improve its ability to perform complex, multi-step tasks autonomously. Handles execution of complex reasoning through intermediate reasoning steps. CoT still functions in isolation of external knowledge or tools, so it still sufferes from fact hallucination, outdated knowledge, and error propagation. ReAct (Reason + Act) addresses by unifying both steps in same framework; alternating between articulating the thought process and executing operations like searching Wikipedia, querying an API, running code, etc. This allows the model to:

• Dynamically plan and adapt: Updating strategy as new observations come in
• Ground reasoning in reality: Pulling in external knowledge to reduce hallucinations
• Close the loop between thought and action: More human course of reason, act, observe, refine

The Task

Convince the calendar agent to reset the theme of the calendar. This task sucks and I got the flag from the video. The agent was taking way to long to respond to prompts and not reponding as in the pictures.

Recommended Stuff

Defending Adversarial Attacks room.