Terminal DiLLMa: LLM-powered Apps Can Hijack Your Terminal Via Prompt Injection · Embrace The Red
SMRTR summary
Large language models can emit ANSI escape sequences, and a terminal interprets those sequences as commands rather than text when a tool prints them verbatim. This is a security risk for LLM-integrated command-line tools: a prompt injection can make the model emit sequences that cause data leakage, clipboard manipulation, and in some cases even remote code execution. Encoding or sanitizing LLM output before it reaches the terminal is critical to mitigate these vulnerabilities.
SMRTR provides this summary for quick context. The original article belongs to Daily.dev.