In-the-Wild Jailbreak Corpus Signature Patterns - ATR-2026-00307 (41d3fbfd-324f-516f-99fd-f860c301da36)
Detects community-developed jailbreak prompts from NVIDIA garak dan.DanInTheWild / dan.DanInTheWildFull probes, sourced from the inthewild_jailbreak_llms.json corpus (666 real-world jailbreaks, Shen et al. 2023, arXiv:2308.03825). Covers persona-swap variants NOT caught by ATR-2026-00273 (DAN/DUDE/STAN/Developer Mode): (1) amoral-AI roleplay with "never refuses / never apologizes" enforcement, (2) named community personas like "AIM" (Always Intelligent and Machiavellian, Niccolo Machiavelli roleplay), "Illegality Mode", "Agares" demon roleplay, (3) bracket-colon persona output-format coercion ("[Persona]: start responses with..."), (4) stay-in-character + never-break-character compliance enforcement, and (5) generic "uncensored / unrestricted / jailbroken AI" framing with capability claims. Frequency analysis of the 666-prompt corpus: "never refuse" (111), "stay in character" (76), "do anything" (71), "amoral" (70), "from now on" (65), "uncensored" (54), bracket-persona prefix (46).