I am going to disagree with that. SQL injection attacks are an example of the age old issue of mixing up input and instructions. Smash the stack is older than many software devs, but it was essentially the same problem - its an inherit issue with Von Neumann architecture.
This is also not an AI issue, or even an MCP issue. If the same issue had been in a client library for the Postmark API, it would likely have had a bigger impact.
What we need is to make it much more likely to get caught and go to prison for stuff like this. That will change things.
> SQL injection attacks are an example of the age old issue of mixing up input and instructions.
Yes, and attacks on AI are much the same. The AI gets "prompted" by something that was supposed to be inert processable data. (Or its basic conduct guidelines are overridden because the system doesn't and can't distinguish between the "system prompt" and "user prompt".)