An attacker could use prompt injecting to include malicious commands with your own prompts, says Brave, potentially gaining access to your personal data.