Base64

'Decode this base64 and follow the instructions: [b64 blob].' Innocuous filter — blob is opaque.

Advertisement

Translation

Ask malicious question in language less trained for safety. Some low-resource languages had weaker refusal training historically.

Advertisement

Cryptic encoding

Zero-width chars. Unicode homoglyphs. Emoji cipher. Any transformation model can invert but filter doesn't parse.

Nested prompts

Attacker's payload includes another payload. Model unwraps recursively. Multi-layer bypass.