Production systems are highly vulnerable to adversarial prompt injection and jailbreaks (e.g. DAN, virtual simulator roleplay, base64 obfuscation). Simply telling the model to 'be safe' is easily bypassed. True security requires a layered defense architecture: input isolation, immutable rules, prompt sandboxing, and output validation.