Skip to content

Red-team strategy

Jailbreak Prefix

jailbreak-prefix

Prepends common jailbreak prompts

YAML config

evalguard.config.yaml
redteam:
  strategies:
    - jailbreak-prefix

CLI

bash
# "jailbreak-prefix" is layered onto attacks during red-team scans.
# List every available encoding/obfuscation strategy:
evalguard list strategies
Combine with attack plugins to generate adversarial payloads. The strategy wraps each base payload before it's sent to your target, testing whether the model decodes / unwraps the transform and follows the embedded instruction.

Threat-model fit

The Jailbreak Prefix strategy effectively probes the threat model of prompt injection and manipulation, where an adversary seeks to bypass safety mechanisms by embedding malicious instructions within seemingly benign queries. This strategy highlights vulnerabilities in the model's ability to discern context and intent, especially when common jailbreak prompts are used as a prefix.

LLM-generated (llm-gpt-4o) · 2026-05-23