What are the main security risks of deploying an LLM application, and how would you mitigate prompt injection?