Brief

The article explains that most Large Language Model (LLM) vulnerabilities stem from two core issues: the model's inability to reliably distinguish between system prompts and user input, and the expanded attack surface created when LLMs are given tools or access to external data. These vulnerabilities are not necessarily complex but arise from the fundamental way LLMs process text. Simon Willison coined the term 'prompt injection' by analogy to SQL injection, and OWASP has identified it as the top risk for LLMs. The primary mitigation strategy is shifting from trying to 'write better prompts' to restricting what the model is allowed to do. AI