Prompt Injection Mitigation with Agentic AI, Nested Learning, and AI Sustainability via Semantic Caching

TL;DR

This paper presents a new evaluation framework and a multi-agent system that enhances prompt injection mitigation in large language models, improving security, efficiency, and sustainability without altering core models.

Contribution

It introduces TIVS-O, an extended evaluation metric incorporating semantic caching and observability, and demonstrates a multi-agent architecture that achieves secure, efficient, and environmentally sustainable LLM deployment.

Findings

Zero high-risk breaches achieved in experiments.

Semantic caching reduces LLM calls by 41.6%.

Trade-offs between mitigation strictness and transparency are identified.

Abstract

Prompt injection remains a central obstacle to the safe deployment of large language models, particularly in multi-agent settings where intermediate outputs can propagate or amplify malicious instructions. Building on earlier work that introduced a four-metric Total Injection Vulnerability Score (TIVS), this paper extends the evaluation framework with semantic similarity-based caching and a fifth metric (Observability Score Ratio) to yield TIVS-O, investigating how defence effectiveness interacts with transparency in a HOPE-inspired Nested Learning architecture. The proposed system combines an agentic pipeline with Continuum Memory Systems that implement semantic similarity-based caching across 301 synthetically generated injection-focused prompts drawn from ten attack families, while a fourth agent performs comprehensive security analysis using five key performance indicators. In addition to traditional injection metrics, OSR quantifies the richness and clarity of security-relevant reasoning exposed by each agent, enabling an explicit analysis of trade-offs between strict mitigation and auditability. Experiments show that the system achieves secure responses with zero high-risk breaches, while semantic caching delivers substantial computational savings, achieving a 41.6% reduction in LLM calls and corresponding decreases in latency, energy consumption, and carbon emissions. Five TIVS-O configurations reveal optimal trade-offs between mitigation strictness and forensic transparency. These results indicate that observability-aware evaluation can reveal non-monotonic effects within multi-agent pipelines and that memory-augmented agents can jointly maximize security robustness, real-time performance, operational cost savings, and environmental sustainability without modifying underlying model weights, providing a production-ready pathway for secure and green LLM deployments.