// GLOSSARY -- SECURITY & COMPLIANCE

What is AI Jailbreaking?

1 min read Updated

Crafting inputs that bypass AI safety guidelines and constraints. For financial agents, jailbreaking could override spending instructions and trigger unauthorized transactions.

WHY IT MATTERS

Models are trained with safety guidelines. Jailbreaking finds ways around them through creative prompting, role-playing, or encoding tricks.

For financial agents, critical: if spending behavior relies only on prompts ("never spend over $100"), a jailbreak can override entirely.

New techniques emerge constantly. Any security relying solely on model instruction-following is fundamentally fragile.

HOW POLICYLAYER USES THIS

Even jailbroken agents can't bypass PolicyLayer — spending rules exist outside the model's reasoning. Jailbreaking the prompt doesn't affect infrastructure enforcement.

FREQUENTLY ASKED QUESTIONS

Can any model be jailbroken?
History suggests yes. Every major LLM has been jailbroken despite safety training. This is why financial security can't rely on model-level constraints alone.
How does PolicyLayer help?
PolicyLayer enforces spending rules in infrastructure — separate from the agent's LLM. The model can be fully compromised and the spending controls still hold.
What about fine-tuning for safety?
Fine-tuning helps but doesn't guarantee safety. New jailbreaking techniques often bypass fine-tuned constraints. Infrastructure-level controls provide the hard guarantee.

FURTHER READING

Enforce policies on every tool call

Intercept is the open-source MCP proxy that enforces YAML policies on AI agent tool calls. No code changes needed.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.