Is OpenAI's API safe to share within the text generator plugin?


I’ve ventured into using the AI text generator in obsidian, but I fear for the security of my OpenAI account, since the plugin asked for the account’s API.

I don’t know much about how the plugin or API’s work, so I’m looking forward to understanding if this is safe. Thank you!

What I’m trying to do

Use the Text Generator community plugin safely.

would like to know also …

on the openai playground site, they have the following message.
Enter a statement or select a preset model, and watch as the API responds with a completion that attempts to match the context or pattern you provided.

You can control which pattern completes your request by changing the pattern.

Use good judgment when sharing results, and attribute them to you or your company. More information.
Requests submitted to our API will not be used to train or improve future models. More information.
The training data for our default models ends in 2021, so you may not be aware of current events.

I understand that this plugin works through the API, so you can only rely on the development.

Translated with DeepL Translator (free version) [Link removed]

Well, how safe do you consider it is to send your text into the internet? Especially into something which basically is trained on the text it receives? Although, some of the text related to some of these state they’re not training the AI any more, meaning it’ll get outdated rather soon for some stuff.

I for one wouldn’t send my texts into something like that, or at least be very selective with what I send into such a system.

Another aspect, is related to API and general security aspects of a plugin. In general, they should be safe after passing the community plugin initial processes, but verifying code is hard, and malicious code can be introduced at a later stage. So once again, it depends on your level of paranoia and what kind of data you’re using/sending through it.

So would I use the same password for some API like this, as for something I value even just a little bit? No way. Would I use similar passwords, email-addresses, or other identifiable stuff related to my personal information in such an API, not if I can avoid it.