Grok 3 is highly vulnerable to indirect prompt injection