This study investigates the security vulnerabilities of large language models (LLMs) in enterprise and everyday applications, with a focus on direct prompt injection attacks one of the most easily exploited and potentially damaging threats facing LLM-based systems today. Using a systematic experimental approach, evaluating ChatGPT, Gemini, Claude, and DeepSeek against multiple prompt injection attack techniques.
Controlled experiments were conducted using carefully engineered adversarial prompts across different model versions and authentication tiers, including both enterprise and free deployments, to assess the effectiveness of each model’s built-in safety mechanisms.
Results demonstrate that, despite increasingly advanced safety controls, prompt injection attacks can still succeed, enabling the bypassing of safeguards and the exposure of internal system prompts. These attacks were shown to manipulate model behavior in ways that circumvent safety constraints, disclose sensitive or confidential data, and generate restricted content.
These findings suggest that current LLM safety mechanisms remain insufficient against
adversarial prompt manipulation. This research recommends that LLM engineers adopt a multi-layered defensive strategy incorporating user input sanitization, detection and filtering of malicious prompt patterns, and secondary LLM-based response validation to ensure policy compliance and system safety.