Don't just trust the LLM. Run user inputs through a secondary model (e.g., LlamaGuard) specifically trained to detect jailbreak attempts. Many scripts rely on specific patterns ( [DEBUG MODE] , DAN , Ignore previous ). Regex and string matching can catch low-hanging fruit.
: In the context of AI, a "jailbreak script" or prompt (like the famous DAN/Do Anything Now ) is designed to trick an AI into ignoring its safety training to provide restricted information. Jailbreak Script
Legitimate red-team scripts are far more sophisticated, including: Don't just trust the LLM