The built-in model is constantly responding to content injected into my prompts. Some of those responses have caused real problems. I’ve disabled all MCP servers that I can. I’ve had to resort to directing it to detect the injections and tell me about them:
Support claims it’s working as designed.
How do you deal with this?