Why it matters
OpenAI frames prompt injection as an evolving agent-security problem that increasingly resembles social engineering rather than a simple string-matching issue.
My takeaway: Useful reference for anyone building browsing or tool-enabled agents. The practical lesson is to treat prompt injection as a workflow and trust-boundary problem, not just a content-filter problem.