Prompt injection detection

[tomdyson]

Possible strategies:

• super naive: look for strings like 'ignore', 'forget'
• stronger but slower: use NLP tools like Spacy to detect imperative-ness
• expensive and very slow: use an LLM to judge injection-ness

[tomdyson]

LLM v1 strategy implemented in https://github.com/tomdyson/prettyprompt/commit/b1d8700bfd9779149f82ec4df3ab6cd9875d437d

[tomdyson]

See 'Defences and Recommendations' section from https://research.nccgroup.com/2022/12/05/exploring-prompt-injection-attacks/