---
type: "Evidence Item"
title: "Designing AI agents to resist prompt injection"
description: "How ChatGPT defends against prompt injection and social engineering by constraining risky actions and protecting sensitive data in agent workflows."
resource: "https://openai.com/index/designing-agents-to-resist-prompt-injection"
tags: ["appendix-iii", "deployment", "openai"]
timestamp: "2026-03-11"
category: "deployment"
publisher: "OpenAI"
cope_score: 88
confidence: 0.9
---

# Designing AI agents to resist prompt injection

# Claim

How ChatGPT defends against prompt injection and social engineering by constraining risky actions and protecting sensitive data in agent workflows.

# Relevance

Appendix III, section four: enterprise deployment evidence

# Oracle Verdict

OpenAI is describing a frontier or production capability that pushes directly on the thesis. The important signal is not the marketing language; it is the widening set of tasks now being routed through model-driven execution rather than ordinary software or headcount.

# Metadata

* Publisher: OpenAI
* Category: deployment
* Sector: Enterprise operations
* Capability: Enterprise workflow automation
* Cope score: 88
* Confidence: 0.9

# Related Concepts

* [Live evidence index](index.md)
* [Thesis](../thesis.md)

# Citations

[1] [Designing AI agents to resist prompt injection](https://openai.com/index/designing-agents-to-resist-prompt-injection)