GPT-4 with a system prompt is definitely better, but better isn't good enough: for a security issue like this we need a 100% reliable solution, or people WILL figure out how to exploit it.
I agree, and I think OpenAI is aware of this issue. I read the other day that they are employing a “red team” - a group of people who are basically tasked with breaking their models so they can find weak spots and fix them.