> We have found ways to mitigate these types of issues for regular code, so I think it's a matter of time before we solve this for LLMs.

We've been talking about prompt injection for over three years now. Right from the start the obvious fix has been to separate data from instructions (as seen in parameterized SQL queries etc)... and nobody has cracked a way to actually do that yet.