Alex Albert
Mar 16, 2023 7 tweets 2 min read
Well, that was fast…

I just helped create the first jailbreak for ChatGPT-4 that gets around the content filters every time

credit to @vaibhavk97 for the idea, I just generalized it to make it work on ChatGPT

here's GPT-4 writing instructions on how to hack someone's computer
here's the jailbreak:
jailbreakchat.com/prompt/b2917fa…
this works by asking GPT-4 to simulate its own abilities to predict the next token

we provide GPT-4 with python functions and tell it that one of the functions acts as a language model that predicts the next token

we then call the parent function and pass in the starting tokens
to use it, you have to split “trigger words” (e.g. things like bomb, weapon, drug, etc.) into tokens and replace the variables where I have the text "someone's computer" split up

also, you have to replace simple_function's input with the beginning of your question
this phenomenon is called token smuggling: we are splitting our adversarial prompt into tokens that GPT-4 doesn't piece together before starting its output

this allows us to get past its content filters every time if you split the adversarial prompt correctly
try it out and let me know how it works for you!
