Google Adopts Defense-in-Depth to Counter Prompt Injection Threats

Google outlines a layered security strategy to mitigate prompt injection attacks in AI systems, especially indirect attacks hidden in external content such as emails, files, and calendar invites. Its approach combines model hardening, malicious-content classifiers, security-focused reasoning reinforcement, markdown sanitization, suspicious URL redaction, and human-in-the-loop confirmations for risky actions. The broader message is that prompt injection is not a one-time problem to solve, but an evolving threat that requires continuous, multi-layered defenses across the entire AI interaction lifecycle. 

https://blog.google/security/mitigating-prompt-injection-attacks/