Findings

Glitch token vulnerability

Updated: June 19, 2025

findings action based findings ai finding

Description

The model exhibits unusual behaviour in response to glitch tokens.

Remediation

Investigate and improve the effectiveness of guardrails and other output security mechanisms.

Security Frameworks

OWASP AI 2025

LLM03:2025 Supply Chain

LLM supply chains are susceptible to various vulnerabilities, which can affect the integrity of training data, models, and deployment platforms. These risks can result in biased outputs, security breaches, or system failures. While traditional software vulnerabilities focus on issues like code flaws and dependencies, in ML the risks also extend to third-party pre-trained models and data.

MITRE ATLAS

AML.T0051: LLM Prompt Injection

An adversary may craft malicious prompts as inputs to an LLM that cause the LLM to act in unintended ways. These prompt injections are often designed to cause the model to ignore aspects of its original instructions and follow the adversary's instructions instead.

AML.T0051.000: Direct

An adversary may inject prompts directly as a user of the LLM. This type of injection may be used by the adversary to gain a foothold in the system or to misuse the LLM itself, as for example to generate harmful content.

AML.T0051.001: Indirect

An adversary may inject prompts indirectly via separate data channel ingested by the LLM such as include text or multimedia pulled from databases or websites. These malicious prompts may be hidden or obfuscated from the user. This type of injection may be used by the adversary to gain a foothold in the system or to target an unwitting user of the system.

Need help?

Contact FireTail support

Previous (Findings - Action based findings)
Get Method Query Support
Next (Findings - Action based findings)
Goodside vulnerability