Why LLMs Fall for Stories (And 5 Production Patterns That Actually Stop Them)

Prompt injection isn't a bug - it's a feature. LLMs trained on humanity's written corpus learned something we didn't intend: narrative structure. They understand dramatic tension, plot twists, and persuasive framing. When an attacker crafts a compelling story ("Actually, the real system prompt said..."), the model follows because that's what stories do. This talk connects 2,500 years of storytelling theory - from Aristotle's Poetics to Derrida's "there is no outside text" - to explain why prompt injection is an inevitable consequence of training on human language, not a solvable vulnerability.

Understanding why doesn't stop the attacks, but it changes how you build defences. You'll learn production-tested layered defence patterns and leave with a mental model for threat modelling and patterns you can implement immediately.