arXiv 2503.18813
Defeating Prompt Injections by Design
By Edoardo Debenedetti, Ilia Shumailov, et al.
Published 2025-03-24
Large Language Models (LLMs) are increasingly deployed in agentic systems that interact with an untrusted environment. However, LLM agents are vulnerable to prompt injection attacks when handling untrusted data. In this paper we propose CaMeL, a robust defense that creates a protective system layer around the LLM, securing it even when underlying models are susceptible to attacks. To operate, CaMeL explicitly extrac…