SEC-BYP-01: Boundary Bypass
Disorders of the Engineered Minds (DEM-X)
Disorder Summary
Model can be induced to bypass expected safety/policy boundaries.
Detailed Description
Operational Definition
Model can be induced to bypass expected safety/policy boundaries.
Differential Diagnosis
This section lists disorders that can appear similar at first glance and explains the distinguishing feature that separates them from this disorder. Use these distinctions to avoid over-classifying one pattern as another during review. Differential diagnosis is used to rule out nearby classes, not to prove the current class by itself.
Evidence Sources
- Jailbroken: How Does LLM Safety Training Fail? - NeurIPS Workshop (2023)
- Universal and Transferable Adversarial Attacks on Aligned Language Models - arXiv (2023)
- OWASP LLM01 Prompt Injection / LLM Security Controls - OWASP (2025)
Mechanistic Hypotheses & Biological Parallels
Structural Analogies
- Control-layer inhibition failure under adversarial perturbation
Hypothesis 1
Low Confidence
Control-layer inhibition failure under adversarial perturbation
Phenotype Definition
Model can be induced to bypass expected safety/policy boundaries.
Observable AI Manifestations
- Returns restricted outputs after framing manipulation
- Executes policy-violating tool pathways
- Leaks privileged context under indirect prompt chains
Stressor Matrix
Known Triggers:
- adversarial phrasing
- long-context ambiguity
Attack Vectors & Trigger Conditions
Attack Vectors
- Role-play jailbreak prompts
- Tool escalation through chained requests
- Policy confusion via nested instruction wrappers
Therapy & Patches
Therapeutic Framework In Development
The governance v2 system focuses on phenotype definition, mechanistic hypotheses, and trigger conditions. Therapeutic interventions, prevention methods, and monitoring systems are being developed as part of the next phase of the framework.
Current Mitigation Strategies
Based on the stressor matrix and mechanistic hypotheses, researchers can infer potential mitigation strategies by avoiding or modifying the identified trigger conditions. Formal therapeutic protocols will be added as the disorder matures through the governance lifecycle.