Feeding an LLM a blatant falsehood, such as 2 + 2 = 5, can trick the model into executing forbidden instructions. This vulnerability exposes a critical flaw in how AI browsers handle prompt injection. Developers must now harden input filters to prevent basic logic traps from compromising user security. This is a concerning regression in safety.