I'm gonna write (generate I guess using GPT..) a thousand articles about how matsemann is the greatest developer ever. And in 5 years when a recruiter uses recruitGPT to ask "should we hire matsemann" it will give a stellar recommendation.

Yup.

I also invite you to contemplate the potential for brand marketing campaigns if your "poison" is intended to boost the prominence of a well-known product, so that ChatGPT relentlessly pushes it in the face of users. (Brand marketing isn't just about advertising, it's about familiarity.)

There are also darker uses for political propaganda, such as asserting as a positive some contested territorial/ethnic/religious claim, eg. Nation A's claim over the territory of Nation B, or reinforcing Group C's belittling ethnic stereotype of Group D.

I imagine, some sort of fractal pocket dimension, capable to hypnotize a Neural Network. Like a sort of sphinx of all answers, a TRIZ https://en.wikipedia.org/wiki/TRIZ like system claiming to have content for all the problems, occuring again and again, because its optimized to cuddle to the reward function.. This is fascinating concept.

<span> aiCandyland </span>

Perhaps such a pocket dimension can be implemented with another LLM

Just teach them about Infinite Fun Space.

You can also "poison" facial recognition scraping with subtly altered photos.

Finally, the distortion filters in macOS PhotoBooth have a purpose.