Defending against prompt injection requires multiple layers since no single defense is foolproof.

Techniques
- Input sanitization
- Instruction hierarchy
- Separate processing contexts
- Output validation
- Anomaly detection

Principles
- Defense in depth
- Assume breach
- Monitor and adapt