alt Hacker NewsThere is no "parameter substitution" equivalent possible. Prompt injection isn't like SQL injection, it has no technical solution (that isn't AGI-complete).
Prompt injection is "social engineering" but applied to LLMs. It's not a bug, it's fundamentally just a facet of its (LLM/human) general nature. Mitigations can be placed, at the cost of generality/utility of the system.
> It's not a bug, it's fundamentally just a facet of its (LLM/human) general nature
Fair enough but then that means that MCP is not "a bit like asking if "an API" was a critical link in some cybersec incident"
Because I can secure an API but I can't secure the the "(LLM/human) general nature."