> Parameterized SQL was right there!

That difference just makes the current situation even dumber, in terms of people building in castles on quicksand and hoping they can magically fix the architectural problems later.

> We have all the tools to prevent these agentic security vulnerabilities

We really don't, not in the same way that parameterized queries prevented SQL injection. There is LLM equivalent for that today, and nobody's figured out how to have it.

Instead, the secure alternative is "don't even use an LLM for this part".