Hacking Google Bard - From Prompt Injection to Data Exfiltration

Recently Google Bard got some powerful updates, including Extensions. Extensions allow Bard to access YouTube, search for flights and hotels, and also to access a user’s personal documents and emails.
So, Bard can now access and analyze your Drive, Docs and Gmail!
This means that it analyzes untrusted data and will be susceptible to Indirect Prompt Injection.
I was able to quickly validate that Prompt Injection works by pointing Bard to some older YouTube videos I had put up and …

access bard data data exfiltration docs documents drive emails exfiltration extensions gmail google google bard hacking hacking google hotels injection personal prompt prompt injection search untrusted updates youtube