i wonder why the labs don't put a small model for detecting prompt injection in front of the main llm.

it's 20b at most and it can work quite well.

for now you can proxy http through llama guard. 'luxury' security if you can build and pay.

is there an architectural limitation?