Overview
Severity: HIGH | Affected: OpenAI, Google, Anthropic | Category: research
A new paper from researchers at Carnegie Mellon University details a sophisticated jailbreak technique named 'Semantic Camouflage'. Unlike traditional prompt injection attacks that rely on direct instructions or role-playing, this method embeds harmful requests within complex allegories, cultural metaphors, and layered idiomatic expressions. The Large Language Models (LLMs) successfully interpret the benign surface-level narrative but fail to detect the malicious underlying intent, leading them to generate prohibited content. The research demonstrates a high success rate against leading models from OpenAI, Google, and Anthropic, bypassing their safety filters in over 80% of test cases. The paper highlights a significant gap in current alignment techniques, which are primarily trained to recognize explicit violations rather than nuanced, context-dependent semantic tricks. The findings pressure AI labs to develop more advanced cognitive and contextual safety guards that go beyond simple keyword and pattern matching.