logoalt Hacker News

SwtCybertoday at 10:56 AM0 repliesview on HN

Its funny to see how researchers bypass Githubs praised guardrails with a simple word like "Additionally". It just proves that any attempt to build hard security boundaries inside an llm context window is bound to fail. The model is naturally built to follow instructions, so if you mix system rules and user input together, the newer or more persistent instruction will always win