Brief

A new research paper reveals a significant vulnerability in current Large Language Model (LLM) safety systems, termed the Camouflage Detection Gap. This gap occurs when malicious injection payloads are rewritten to mimic the domain-specific language and structure of the target document, causing standard detectors to fail. For instance, detection rates for Llama 3.1 8B dropped from 93.8% to 9.7%, and for Gemini 2.0 Flash from 100% to 55.6%, with a dedicated classifier, Llama Guard 3, catching zero camouflaged payloads. Furthermore, multi-agent debate architectures, intended as a defense, can amplify these attacks on smaller models. AI