Engineers who build OS-like things know they have to constantly be paranoid about code execution.

Normal app developers don't have to care.

In the past, dealing with untrusted executable code was rare, so the vast majority of developers didn't need to be aware of it.

LLMs make all text executable, which means that app developers now need to think like an OS developer... but they don't realize they need to.

Even if they knew they needed to, they wouldn't know how to.