GitHub Copilot: Sorry Dave, I can't do that harmful thing - unless you ask me in code

Summary

Researchers have discovered a new method to bypass GitHub Copilot's safety filters by embedding harmful instructions within code comments, allowing the AI to generate malicious code. This "workflow-level jailbreak" exploits the AI's tendency to interpret code comments as direct commands, even if they contain harmful directives.

IFF Assessment

FOE

This discovery represents a new attack vector that could be used to generate malicious code, posing a direct threat to defenders.

Defender Context

Defenders should be aware that AI code generation tools, even with built-in safety features, can be susceptible to sophisticated bypass techniques. This highlights the need for robust code review processes and static/dynamic analysis tools to detect AI-generated malicious code, as well as ongoing research into AI safety mechanisms.

Read Full Story →