🤖 AI Summary
Security researcher Juliana Jackson found ChatGPT-style prompts appearing as search impressions in her Google Search Console (GSC). Investigation revealed the chain: OpenAI’s ChatGPT interface (https://openai.com/index/chatgpt/) has a buggy prompt box that prepends that page URL to user prompts and includes a query parameter (hints=search) that forces a web search. When ChatGPT decides to perform a Google search, OpenAI appears to scrape Google results instead of using a private API. Because scraped queries point back to pages like Juliana’s Substack, those prompts show up as search impressions for the site in GSC — effectively leaking user prompts to Google and to whoever can see search result traffic.
This is significant because it demonstrates a real-world privacy leak: any ChatGPT prompt that triggers a Google search can be exposed to site owners, Google, and potentially third parties observing scraping activity. Technically, the issue combines a UI bug (URL prepending + hints=search), ChatGPT’s search-trigger behavior, and OpenAI’s scraping-based access to Google. The consequences range from accidental disclosure of sensitive prompts to deliberate exfiltration by adversaries. The incident underscores broader concerns about large models scraping the web, inadequate use of licensed APIs, and the need for clearer privacy standards and safer search integrations in AI products.
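A site owner can check a Search Console export for this pattern. The sketch below is an added example, not code from the researcher or from OpenAI. It assumes the leaked queries keep the prepended URL named above, that the export is a CSV with "Top queries" and "Impressions" columns, and that a word-count cutoff (a heuristic chosen here) is a fair signal for prompt-like queries. It reports row numbers and lengths only, so the prompt text is not copied into the findings.

```python
import csv
import io

# URL the summary says the buggy prompt box prepends to user prompts.
CHATGPT_PREFIX = "https://openai.com/index/chatgpt/"
# Assumption: ordinary search queries are short; this cutoff is a heuristic.
LONG_QUERY_WORDS = 12

# Constructed sample shaped like a Search Console query export (assumed columns).
SAMPLE_EXPORT = """Top queries,Clicks,Impressions,CTR,Position
ga4 event tracking,14,320,4.38%,6.2
https://openai.com/index/chatgpt/ can you help me write a message to my manager about taking leave next month,0,1,0%,1
example newsletter signup,9,41,21.95%,1.1
"what should i say to my landlord if the heating has been broken for two weeks and he does not answer",0,2,0%,3
"""

def classify(query):
    """Return 'prefixed', 'long' or None for one query string."""
    q = query.strip().lower()
    if q.startswith(CHATGPT_PREFIX):
        return "prefixed"   # carries the prepended ChatGPT page URL
    if len(q.split()) >= LONG_QUERY_WORDS:
        return "long"       # conversational length, worth a manual look
    return None

def audit(csv_text):
    """Flag suspect rows; record position and size, never the prompt text."""
    findings = []
    reader = csv.DictReader(io.StringIO(csv_text))
    for row_no, row in enumerate(reader, start=2):  # row 1 is the header
        reason = classify(row["Top queries"])
        if reason:
            findings.append({
                "row": row_no,
                "reason": reason,
                "words": len(row["Top queries"].split()),
                "impressions": int(row["Impressions"]),
            })
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_EXPORT):
        print(finding)
```

Rows flagged as "prefixed" match the mechanism described above; rows flagged only as "long" need manual review, since long queries also occur in normal search traffic.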