Prompt injection defenses are maturing (but still not bulletproof).
Defenses improved but aren't magic—implement defense-in-depth.
What changed
• Model-level defenses improved but aren't perfect
• Best practices documented and widely available
• Architectural patterns for defense-in-depth established
Who it affects
• Security teams
• Production AI builders
• Anyone handling user-generated content
What to do now
• Separate system instructions from user content architecturally
• Validate and sanitize all user inputs
• Implement output verification for sensitive operations
• Monitor for unusual behavior patterns
Related updates
Agent failures are mostly tool wiring, not model 'intelligence'.
Your agent isn't dumb. Your glue code is.
GPT-5.2 pushes harder on real work: code, tools, long context.
More useful for shipping work, especially with structure.
Age prediction is rolling out to apply stronger teen safety defaults.
More guardrails for teens, more consistency for youth-safe experiences.
Claude Opus 4.5 leans into coding + agents, with stronger robustness.
Better for serious coding + agent work, especially when you wire it properly.
Claude API: structured outputs support expands, and older models keep getting retired.
Production users: pin versions and stop ignoring deprecation notes.