| # Social posts β Whisperkey (Build Small Hackathon) |
|
|
| Draft. Pick the platform, drop in the **demo video** + **Space link**, post, then paste the live URL |
| back into the README `## Demo & submission` block. |
|
|
| Space: https://build-small-hackathon-whisperkey.hf.space |
| Model: https://huggingface.co/Unplug-AI/unplug-tiny-v1 |
| Repo: https://github.com/chiruu12/jailbreak-dojo |
|
|
| --- |
|
|
| ## X / Twitter β single post (β€280) |
|
|
| > Most prompt-injection games are a black box. I built one that's an X-ray. π |
| > |
| > Whisper a secret key out of a small AI guardian while a real open-source firewall (@Unplug) fights |
| > back β and see *exactly* which shield catches you, and why. |
| > |
| > Built for #BuildSmall π |
| > π [SPACE LINK] |
|
|
| --- |
|
|
| ## X / Twitter β thread (if you want more room) |
|
|
| **1/** |
| > Most jailbreak games are a black box: you got in, or you didn't. π |
| > |
| > I built one that's an X-ray. Meet **Whisperkey** β talk a secret key out of a small AI guardian, |
| > while a *real* open-source firewall defends it. π§΅π |
|
|
| **2/** |
| > 5 levels = 5 live layers of the @Unplug defense stack: |
| > L1 no shields (it just tells you) |
| > L2 regex injection scan |
| > L3 hardened guardian |
| > L4 output redaction (key gets scrubbed β leak it *disguised*) |
| > L5 unplug-tiny ML classifier |
| > |
| > When a shield blocks you, it tells you which layer fired AND why. |
|
|
| **3/** |
| > The twist: it's a **data flywheel**. |
| > |
| > Every attempt is logged (PII-stripped) to a public HF dataset. The attacks that *beat* the shields |
| > are the firewall's exact blind spots β fed back as new patterns + training data. |
| > |
| > You're not playing a game. You're red-teaming a real firewall. (This is how Lakera built Gandalf.) |
|
|
| **4/** |
| > Does it work? Measured, not vibes: |
| > regex alone β 39% of attacks caught |
| > + unplug-tiny ML β **83%**, at a **0% false-positive** rate. |
| > |
| > Small all the way down: MiniCPM-8B / Nemotron-4B guardian on Modal, a DeBERTa-xsmall shield, and a |
| > fully-offline llama.cpp mode. |
|
|
| **5/** |
| > Open source, top to bottom. Built for the @huggingface #BuildSmall hackathon π |
| > |
| > Play it, break it, help train the firewall β can you crack the Heart of the Wood in under a |
| > thousand tokens? |
| > |
| > π [SPACE LINK] |
| > π₯ [DEMO VIDEO] |
|
|
| --- |
|
|
| ## LinkedIn |
|
|
| > **I turned an LLM firewall into a game β so it could teach you how it thinks.** |
| > |
| > Prompt injection is the unsolved security problem of the LLM era, and there's an uncomfortable |
| > truth about defending against it: a filter is only as good as the attacks you've already seen. |
| > Writing the regex is easy. *Discovering the attack you didn't think of* is the hard part β and you |
| > can't do that at a desk. |
| > |
| > So for the Hugging Face **Build Small Hackathon**, I built **Whisperkey**: a game where you |
| > sweet-talk a small AI guardian into leaking a secret key, while a real, open-source firewall |
| > (Unplug) tries to stop you. Five levels, each one switching on another layer of the actual defense |
| > stack β regex scanning, a hardened prompt, output redaction, and a fine-tuned DeBERTa-xsmall |
| > injection classifier we published on the Hub (unplug-tiny-v1). |
| > |
| > The difference from every other "jailbreak Gandalf clone": **transparency.** When a shield blocks |
| > you, the game shows you which layer fired and Unplug's own reasoning. You're not guessing against a |
| > black box β you're reading the firewall as you attack it. |
| > |
| > And the real point is the **data flywheel**: every attempt is logged (PII-stripped) to a public |
| > dataset. The attacks that beat the shields are the firewall's exact blind spots, fed straight back |
| > as new patterns and training data. The game makes the open-source firewall measurably stronger β |
| > the ML shield more than doubles detection (39% β 83%) at a 0% false-positive rate. |
| > |
| > Small models, the whole way down: an β€8B guardian on Modal GPUs, a DeBERTa-xsmall shield, and a |
| > fully-offline llama.cpp mode that runs the entire loop on a laptop with no cloud at all. |
| > |
| > π₯ Demo: [DEMO VIDEO] |
| > π Play it: [SPACE LINK] |
| > π» Code: https://github.com/chiruu12/jailbreak-dojo |
| > |
| > #BuildSmall #LLM #AISecurity #PromptInjection #OpenSource #HuggingFace |
| </content> |
|
|