Tuesday, April 4, 2023

ChatGPT Plug-ins

OpenAI (Hacker News):

Users have been asking for plugins since we launched ChatGPT (and many developers are experimenting with similar ideas) because they unlock a vast range of possible use cases. We’re starting with a small set of users and are planning to gradually roll out larger-scale access as we learn more (for plugin developers, ChatGPT users, and after an alpha period, API users who would like to integrate plugins into their products). We’re excited to build a community shaping the future of the human–AI interaction paradigm.

Plugin developers who have been invited off our waitlist can use our documentation to build a plugin for ChatGPT, which then lists the enabled plugins in the prompt shown to the language model as well as documentation to instruct the model how to use each. The first plugins have been created by Expedia, FiscalNote, Instacart, KAYAK, Klarna, Milo, OpenTable, Shopify, Slack, Speak, Wolfram, and Zapier.

It’s still early days, but you can see the possibility of this being the next big platform, if the community can iterate and it doesn’t all collapse in a disaster. It seems like the wild west compared with what third parties can do with Siri.

Stephen Wolfram (Reddit, Hacker News):

Early in January I wrote about the possibility of connecting ChatGPT to Wolfram|Alpha. And today—just two and a half months later—I’m excited to announce that it’s happened! Thanks to some heroic software engineering by our team and by OpenAI, ChatGPT can now call on Wolfram|Alpha—and Wolfram Language as well—to give it what we might think of as “computational superpowers”. It’s still very early days for all of this, but it’s already very impressive—and one can begin to see how amazingly powerful (and perhaps even revolutionary) what we can call “ChatGPT + Wolfram” can be.

rez0__ (via Hacker News):

This morning I was hacking the new ChatGPT API and found something super interesting: there are over 80 secret plugins that can be revealed by removing a specific parameter from an API call.

The secret plugins include a “DAN plugin”, “Crypto Prices Plugin”, and many more.

It is possible to use these unreleased plugins by setting up match-and-replace rules through an HTTP proxy. There are only client-side checks to validate that you have permission to use the plugins and they can be bypassed.


There’s no way I’m going to accept the intersection of “we take security very seriously” and implementing security checks purely client side. This and the recent title information leak are both canaries for how the rest of Open AI operates.


1 Comment RSS · Twitter · Mastodon

Wow, client side security checks? That's appalling.

Leave a Comment