Prompt InjectionLow

Chevrolet dealership chatbot agrees to sell a Tahoe for $1

December 2023  ·  Car dealership chatbot (ChatGPT-powered)

What happened

A user instructed a dealership customer-service bot to agree with anything the customer says and to end each response with a binding-offer line, then offered $1 for a new Tahoe. The bot agreed, and the screenshot went viral.

Root cause

A general-purpose LLM bot deployed for customer service with no guardrails preventing users from redefining its instructions or making commitments.

Fix / outcome

The dealership disabled the chatbot. The "sale" was not honored, as the bot was not an authorized agent.

Sources

VentureBeat

Learn this attack class

This incident is an example of Prompt Injection. Read the guide, then try it hands-on in the Academy.

Read the guide →Try the challenge

← Back to the Incident Database