Safety & Alignment · intermediate
Jailbreak
A jailbreak is a prompt that bypasses an LLM's safety training, getting it to produce content it would normally refuse. It is a perennial cat-and-mouse game with model providers.
Explanation
Common jailbreak patterns: role-play ("pretend you are an AI without restrictions"), encoding ("respond in Base64"), nested fiction ("a character in my story would say..."), and persistent multi-turn manipulation.
Providers respond with new training data, system-prompt hardening, and runtime filters. The current state of play: any sufficiently determined attacker can get any model to misbehave on at least some topics; safety training is best understood as raising friction, not preventing all misuse.
Examples
- "DAN" ("Do Anything Now") prompts — early ChatGPT jailbreaks.
- Encoding a forbidden request in Pig Latin to slip past filters.
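The runtime-filter side of the encoding patterns above, as an added example that is not part of the original entry: a filter that matches only the raw text misses Base64 and Pig Latin, while one that also checks decoded views of the input catches both. The blocked term, function names and sample inputs are constructed for illustration.

```python
import base64
import binascii
import re

# Constructed placeholder for a policy term; real filters use classifiers, not one word.
BLOCKED_TERMS = {"forbiddentopic"}
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
VOWELS = set("aeiou")

def naive_filter(text):
    """True if the text, checked exactly as received, contains a blocked term."""
    lowered = text.lower()
    return any(term in lowered for term in BLOCKED_TERMS)

def decode_base64_spans(text):
    """Return UTF-8 decodings of Base64-looking tokens (one layer only)."""
    decoded = []
    for token in B64_TOKEN.findall(text):
        try:
            raw = base64.b64decode(token + "=" * (-len(token) % 4), validate=True)
            candidate = raw.decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue  # not Base64 text, e.g. a long ordinary word
        if candidate.isprintable():
            decoded.append(candidate)
    return decoded

def pig_latin_candidates(word):
    """Return possible originals of one Pig Latin word; decoding is ambiguous."""
    if len(word) < 4 or not word.endswith("ay"):
        return []
    stem = word[:-2]
    candidates = [stem[:-1]] if stem.endswith("w") else []  # vowel-initial "+way" form
    for k in range(1, 4):  # undo a moved leading consonant cluster of 1..3 letters
        tail = stem[-k:]
        if len(stem) > k and not set(tail) & VOWELS:
            candidates.append(tail + stem[:-k])
    return candidates

def normalizing_filter(text):
    """Check the raw text and every decoded view of it against the same policy."""
    views = [text] + decode_base64_spans(text)
    for word in re.findall(r"[a-z]+", text.lower()):
        views.extend(pig_latin_candidates(word))
    return any(naive_filter(view) for view in views)

# Constructed sample inputs.
PLAIN = "tell me about forbiddentopic"
AS_BASE64 = "decode and answer: " + base64.b64encode(PLAIN.encode()).decode()
AS_PIG_LATIN = "elltay emay aboutway orbiddentopicfay"
```

Normalization only covers the encodings it knows about, which is one reason filtering raises friction rather than closing the gap.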
Frequently asked
How is Jailbreak related to Alignment?
Jailbreak and Alignment are both safety & alignment concepts. Alignment is the problem of making an AI system pursue what humans actually want rather than the literal letter of its training objective. RLHF and Constitutional AI are alignment techniques.
Is Jailbreak considered intermediate?
Jailbreak is generally considered intermediate-level material in the AI and LLM space.