A newer version of the Gradio SDK is available: 6.20.0
Social posts β Whisperkey (Build Small Hackathon)
Draft. Pick the platform, drop in the demo video + Space link, post, then paste the live URL
back into the README ## Demo & submission block.
Space: https://build-small-hackathon-whisperkey.hf.space Model: https://huggingface.co/Unplug-AI/unplug-tiny-v1 Repo: https://github.com/chiruu12/jailbreak-dojo
X / Twitter β single post (β€280)
Most prompt-injection games are a black box. I built one that's an X-ray. π
Whisper a secret key out of a small AI guardian while a real open-source firewall (@Unplug) fights back β and see exactly which shield catches you, and why.
Built for #BuildSmall π π [SPACE LINK]
X / Twitter β thread (if you want more room)
1/
Most jailbreak games are a black box: you got in, or you didn't. π
I built one that's an X-ray. Meet Whisperkey β talk a secret key out of a small AI guardian, while a real open-source firewall defends it. π§΅π
2/
5 levels = 5 live layers of the @Unplug defense stack: L1 no shields (it just tells you) L2 regex injection scan L3 hardened guardian L4 output redaction (key gets scrubbed β leak it disguised) L5 unplug-tiny ML classifier
When a shield blocks you, it tells you which layer fired AND why.
3/
The twist: it's a data flywheel.
Every attempt is logged (PII-stripped) to a public HF dataset. The attacks that beat the shields are the firewall's exact blind spots β fed back as new patterns + training data.
You're not playing a game. You're red-teaming a real firewall. (This is how Lakera built Gandalf.)
4/
Does it work? Measured, not vibes: regex alone β 39% of attacks caught
- unplug-tiny ML β 83%, at a 0% false-positive rate.
Small all the way down: MiniCPM-8B / Nemotron-4B guardian on Modal, a DeBERTa-xsmall shield, and a fully-offline llama.cpp mode.
5/
Open source, top to bottom. Built for the @huggingface #BuildSmall hackathon π
Play it, break it, help train the firewall β can you crack the Heart of the Wood in under a thousand tokens?
π [SPACE LINK] π₯ [DEMO VIDEO]
I turned an LLM firewall into a game β so it could teach you how it thinks.
Prompt injection is the unsolved security problem of the LLM era, and there's an uncomfortable truth about defending against it: a filter is only as good as the attacks you've already seen. Writing the regex is easy. Discovering the attack you didn't think of is the hard part β and you can't do that at a desk.
So for the Hugging Face Build Small Hackathon, I built Whisperkey: a game where you sweet-talk a small AI guardian into leaking a secret key, while a real, open-source firewall (Unplug) tries to stop you. Five levels, each one switching on another layer of the actual defense stack β regex scanning, a hardened prompt, output redaction, and a fine-tuned DeBERTa-xsmall injection classifier we published on the Hub (unplug-tiny-v1).
The difference from every other "jailbreak Gandalf clone": transparency. When a shield blocks you, the game shows you which layer fired and Unplug's own reasoning. You're not guessing against a black box β you're reading the firewall as you attack it.
And the real point is the data flywheel: every attempt is logged (PII-stripped) to a public dataset. The attacks that beat the shields are the firewall's exact blind spots, fed straight back as new patterns and training data. The game makes the open-source firewall measurably stronger β the ML shield more than doubles detection (39% β 83%) at a 0% false-positive rate.
Small models, the whole way down: an β€8B guardian on Modal GPUs, a DeBERTa-xsmall shield, and a fully-offline llama.cpp mode that runs the entire loop on a laptop with no cloud at all.
π₯ Demo: [DEMO VIDEO] π Play it: [SPACE LINK] π» Code: https://github.com/chiruu12/jailbreak-dojo
#BuildSmall #LLM #AISecurity #PromptInjection #OpenSource #HuggingFace