Prompt injection is structurally unfixable at the model layer. Move the defense to the tool-call boundary.
Prompt injection remains a critical vulnerability in AI models, with recent data showing a significant increase in exposed secrets, particularly in AI-assisted code commits. Experts argue that defenses at the model layer are structurally unfixable because they address symptoms rather than the root cause. The recommended approach shifts defense to the tool-call boundary, emphasizing credential management, runtime sandboxing, and robust tool-call gates to mitigate risks. AI
IMPACT Shifts AI security focus from model-layer fixes to external tool-call controls, requiring new defense architectures.