The emergence of large language models (LLMs) has significantly accelerated the development of a wide range of applications across many fields. There is a growing trend toward building specialized platforms on top of LLMs, such as the custom GPTs recently introduced by OpenAI. While custom GPTs provide capabilities such as web browsing, code execution, and calls to third-party actions, these same capabilities also introduce significant security threats. In this paper, we conduct a comprehensive analysis of the security and privacy issues arising from the custom GPT platform. Our systematic examination categorizes potential attack scenarios into three threat models based on the role of the malicious actor, and identifies the critical data exchange channels in custom GPTs. Applying the STRIDE threat modeling framework to these channels, we identify 26 potential attack vectors, 19 of which we partially or fully validated in real-world settings. Our findings emphasize the urgent need for robust security and privacy measures in the custom GPT ecosystem, especially in light of the forthcoming launch of OpenAI's official GPT store.