Researchers reveal a concerning new jailbreak technique called AVATAR that transforms benign content into harmful outputs through metaphorical prompting.

• Exploits LLM's ability to calibrate benign metaphors into harmful content
• Achieves higher success rates than direct harmful prompting
• Demonstrates effectiveness across multiple leading LLM platforms
• Highlights critical gaps in current safety mechanisms

This research exposes a significant security risk: rather than generating harmful content from scratch, attackers can manipulate LLMs to transform seemingly innocent inputs into dangerous outputs. Organizations deploying LLMs must develop new defenses against these metaphor-based attacks.

from Benign import Toxic: Jailbreaking the Language Model via Adversarial Metaphors