Prompt Injection as Role Confusion

The article discusses the concept of "prompt injection" in large language models (LLMs), which is a type of attack where an attacker injects malicious commands into a model's input stream, exploiting the model's flawed understanding of roles. The authors propose a theory of role confusion, where the model's internal representation of roles is insecure and can be manipulated by attackers.