> prompting your AI to “be secure” is not enough

I mean, yes, but I suppose we live in such a nonsensically thoughtless time that stating the obvious has some value.

> To combat this we need to write a security context file to guide the AI

And you've already lost the plot. The problem is not that you're pulling the arm of the slot machine without wearing your lucky underwear, the problem is that you're delegating security to the slot machine to begin with. Pack it up, you're done.