Kelford Press

Signal from the noise

AI / ML · news shot

OpenAI adds opt-in Lockdown Mode to ChatGPT to block prompt-injection data exfiltration

OpenAI added Lockdown Mode, an opt-in ChatGPT setting that blocks the data-exfiltration stage of prompt-injection attacks by limiting outbound network requests. With it on, web browsing is limited to cached content, and Agent Mode, Deep Research, in-response images, live connectors, and file downloads are turned off, cutting the channels injected instructions could use to ship stolen data offsite. The feature is free across all personal accounts and self-serve Business accounts. OpenAI cautions that it isn't for everyone and that ChatGPT can still be prompt-injected through cached pages or uploaded files. How much capability will sensitive-data users trade for a partial defense?