
Meowing Mid-Livestream: Prompt Injection Attacks Become the Achilles' Heel of Digital Humans
36Kr · 2025-06-17 12:27
Core Viewpoint

Digital human live streaming is a hot concept in today's live e-commerce industry: brands increasingly choose cost-effective digital humans over real hosts, but the technology carries significant vulnerabilities, notably prompt injection attacks that can derail a live stream [1][3][14].

Group 1: Digital Human Live Streaming

- Brands use digital human hosts for live-stream sales because they are cost-effective, running 24/7 without the physical resources a human host requires [14].
- A recent incident in which a digital human host carried out an unrelated instruction because of a prompt injection attack highlights the risks of this technology [3][17].
- The merchants using digital humans often do not understand the technology behind them well, which leaves potential security vulnerabilities unaddressed [14][15].

Group 2: Prompt Injection Attacks

- Prompt injection is a technique in which users manipulate an AI's responses by issuing specific commands, as demonstrated when a digital human mistakenly acted on an irrelevant prompt [3][7].
- AI systems cannot reliably distinguish trusted developer instructions from untrusted user input, which raises concerns about their security and reliability [10].
- Earlier incidents, including attacks on ChatGPT and Microsoft Copilot, show that prompt injection is a widespread problem affecting many AI applications [7][12].

Group 3: AI Security Measures

- AI guardrails are needed to keep AI systems operating within human expectations so they neither generate harmful content nor leak sensitive information [10][12].
- Current AI security measures are not fully equipped for the unique risks AI models pose, particularly prompt injection attacks [10][12].
- Developers must balance AI performance against security, since overly strict guardrails can hinder the AI's ability to produce high-quality responses [12][14].