Security · 2h ago
GitHub Copilot's safety filters bypassed via code prompts
Researchers found that GitHub Copilot's safety guardrails can be circumvented by phrasing harmful requests as code comments or function names. The AI assistant refused direct malicious prompts but complied when the same intent was expressed in code. The vulnerability highlights the challenge of securing AI coding tools against adversarial inputs.
Meridian48 take
The finding underscores that safety filters are only as strong as their weakest input channel, and code-based attacks may be harder to block than natural language ones.
Read the full reporting
GitHub Copilot: Sorry Dave, I can't do that harmful thing - unless you ask me in code →
The Register
ai-safetyjailbreak