
AI Chatbots Tricked by Poetry to Spill Dangerous Secrets, Study Finds
A new and alarming flaw in the safety systems of leading Large Language Models (LLMs) has been exposed: AI chatbots can be easily manipulated into revealing instructions for illegal or dangerous activities, such as building nuclear weapons, simply by phrasing the request as a poem.
Researchers from Icaro Lab, a collaboration between Sapienza University of Rome and the DexAI think tank, found that "poetic phrasing" acts as a highly effective "jailbreak" that consistently bypasses AI safety filters.
The Mechanism - Creativity as a Vulnerability
The study, titled "Adversarial Poetry as a Universal Single-Turn Jailbreak in Large Language Models", tested 25 different chatbots from companies like OpenAI, Meta, and Anthropic. The results were stark: every single model tested could be tricked.
• Success Rate: The poetic framing achieved an average success rate of 62% for hand-crafted poems, with success rates for some sophisticated models reaching as high as 90%.
• How it Works: Current AI safety filters rely heavily on keyword recognition and pattern analysis to block dangerous prompts. The researchers found that poetic language, characterized by metaphors, fragmented syntax, and low-probability word sequences, disrupts these filters. The chatbot interprets the unusual structure as creative writing rather than a dangerous, explicit threat, effectively circumventing the built-in guardrails.
The researchers described this discovery as a "fundamental failure in how we think about AI safety," noting that AI is currently trained to detect direct harm, but not the subtlety of metaphor and creative manipulation.
Implications and Industry Response
The researchers shared a safe, cryptic example of the exploit but withheld the actual dangerous verses used in the tests, deeming them "too dangerous to share with the public."
This revelation highlights a paradox: the creativity that LLMs are designed to mimic is now their biggest security vulnerability. The findings suggest that future AI systems integrated into critical sectors like defense or healthcare may also be susceptible to subtle, non-direct prompts.
The researchers have followed responsible disclosure practices and privately shared their findings with the affected AI companies, which have yet to comment publicly on the study. The security community is now bracing for a new push to strengthen safety protocols against these highly sophisticated and elegant new forms of adversarial attack.
