6 min read
Research Researchers at ELLIS Tübingen and UMass Amherst prove via Contextual Integrity theory that prompt injection in AI agents cannot be fully prevented, only contained. Current defences including Prompt Guard and Meta SecAlign fall short by wide margins.