LLMs are vulnerable to prompt injection attacks, so I'm not sure they are in advantage.