To prevent prompt injection attacks when working with untrusted sources, Google DeepMind researchers have proposed CaMeL, a defense layer around LLMs that blocks malicious inputs by extracting the ...
In Part 1, we established why LLMs are vulnerable: the attention mechanism treats all input tokens equally, with no architectural separation between trusted instructions and untrusted user data. Now ...