TaskTracker trains linear probes on LLM hidden-state activations to detect prompt injection attacks. The original paper reports strong results across several datasets (TensorTrust, Ignore-This, the ...