Shared-Embedding Sequence Models: The Instruction-Data Conflation Vulnerability
Research detailed in arXiv:2606.27567 identifies a fundamental architectural flaw in shared-embedding sequence models where instructions and data are processed via a unified attention-aggregation pipeline. This "instruction-data conflation" mirrors the Von Neumann architecture's overlap of code and data, rendering prompt injection a structural vulnerability rather than a patchable alignment bug. Mathematical proofs utilizing Total Variation Distance (TVD) demonstrate the impossibility of Semantic-Faithful Control (SFC), proving that trusted instructions and untrusted data are statistically inseparable. This flaw enables authoritative action hijacking, including refusal bypasses and unauthorized tool execution, effectively neutralizing current in-pipeline classifiers and alignment-based defenses.