Whether these tools are secure or not depends entirely on how you are using them. If you don't understand prompt injection you're very likely to build a system that's vulnerable to it.
And possibly even if you do understand it! It seems like it might be a fundamentally intractable problem with LLMs, even if it can be made more difficult to do, no?
Yes, exactly: right now I still haven't seen a convincing reliable mitigation for a prompt injection attack.
Which means there are entire categories of applications - including things like personal assistants that can both read and reply to your emails - that may be impossible to safely build at the moment.
Whether these tools are secure or not depends entirely on how you are using them. If you don't understand prompt injection you're very likely to build a system that's vulnerable to it.