candiddevmike 5 hours ago

We fixed these in determinate contexts only for the most part. SQL injection specifically requires the use of parametrized values typically. Frontend frameworks don't render random strings as HTML unless it's specifically marked as trusted.

I don't see us solving LLM vulnerabilities without severely crippling LLM performance/capabilities.