Overview
Severity: MEDIUM | Affected: Carnegie Mellon University | Category: research
Researchers from Carnegie Mellon University have published a new paper detailing a novel jailbreak technique named 'Contextual Shifting.' The method effectively bypasses state-of-the-art safety alignments in major large language models. Unlike simple prompt injection, this technique involves creating a deeply nested, multi-layered conversational context that gradually shifts the model's persona into a state where safety filters are no longer triggered effectively. By asking the model to role-play as a 'safety evaluation simulator' which itself is simulating another less-constrained AI, the attack confuses the model's hierarchical safety checks. The research paper demonstrates a success rate of over 80% against several leading proprietary models, raising concerns about the static nature of current alignment strategies. The researchers have responsibly disclosed their findings to affected model providers, urging the development of more dynamic, context-aware safety mechanisms that can operate across complex conversational histories.