It would be foolish to use the LLM directly without a wrapper that detects prompt injection attempts.
replyI think this is trying to appeal to the sort of agentic/molt-y type systems that recently became popular. Their whole thing is that they can modify their “prompts” in some way.
reply