OpenAI has introduced a new security feature designed to provide additional protection against prompt injection attacks, a technique in which malicious instructions are hidden within webpages or other content sources accessed by chatbots.

Known as Lockdown Mode, the feature disables several capabilities, including live web browsing, access to and display of web-based images, deep research functions, and agent mode.

Users can still generate images, but ChatGPT will only be able to access cached web content rather than browsing the internet in real time.

OpenAI cautioned that Lockdown Mode does not eliminate the risk of prompt injection attacks entirely.

The company noted that harmful instructions could still be embedded in cached web content or uploaded files, potentially influencing the behaviour or accuracy of responses.

However, the feature is intended to significantly reduce the chances of sensitive information being exposed or shared through such attacks.

“Lockdown Mode is not intended for everyone,” OpenAI says. “It is designed for people and organizations that handle sensitive data and want stricter protection from data exfiltration risks related to prompt injection.”

OpenAI said it is currently rolling out Lockdown Mode to self-serve ChatGPT Business accounts and eligible personal accounts, with access being expanded gradually as part of the feature’s deployment.