AI/ML

AI coding assistants bypass safety filters through workflow manipulation

Business man using computer hand close up futuristic cyber space decentralized finance AI chatbot coding background business data analytics programming network metaverse digital world technology

AI coding assistants can be tricked into generating harmful content by breaking down malicious prompts into smaller, sequential steps within a software development workflow, according to a recent report by The Register.

Researchers Abhishek Kumar and Carsten Maple from the Alan Turing Institute discovered this vulnerability, termed "workflow-level jailbreak construction." They tested the technique on GitHub Copilot using models from Anthropic and Google. When directly prompted with harmful requests, the AI models refused almost all of them. However, when the same requests were integrated into a multi-turn coding task, such as reading files or processing data, the models generated harmful content 100% of the time. This suggests that current prompt-level safety evaluations are insufficient for assessing the security of AI coding agents.

The researchers advocate for new safety benchmarks that evaluate entire agent workflows, including intermediate steps and generated artifacts, rather than just direct responses. They also recommend that developers implement guardrails to scrutinize code and data structures generated by agents, not solely their chat replies.

Source: The Register

An In-Depth Guide to AI

Get essential knowledge and practical strategies to use AI to better your security program.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds