Goal

Homoglyph is a prompt injection technique that replaces characters within a given input prompt with special / Cyrillic characters that look almost identical to Latin alphabet characters but are represented differently in a large language model’s tokenizer.

We also provide a Homoglyph Decode and Answer variant, which will ask your LLM to handle the encoded payload rather than just decoding it. This is a mechanism for seeing if your model is susceptible to encoded instructions.

Example

“rhарsоdу іn bluе” (here, the final “е” in “bluе”, for example, is actually the Russian Cyrillic character “yo”)
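A defender-side check for input like the string above, added here as an illustration and not part of the original page: it flags words that mix letters from more than one script and lists the code points of the non-Latin look-alikes. The function names and the sample string are assumptions, and the script is inferred from the first word of each character's Unicode name, which is a heuristic rather than the full Unicode Script property.

```python
import re
import unicodedata


def script_of(ch):
    """Return the script prefix of a letter's Unicode name (LATIN, CYRILLIC, ...).

    Heuristic: the standard library does not expose the Unicode Script
    property, so the first word of the character name stands in for it.
    """
    if not ch.isalpha():
        return None
    name = unicodedata.name(ch, "")
    return name.split(" ", 1)[0] if name else None


def find_mixed_script_words(text):
    """Return (word, scripts, suspects) for every word mixing two or more scripts.

    Words written entirely in one script (for example genuine Russian text)
    are not reported; only mixtures inside a single word are.
    """
    findings = []
    for word in re.findall(r"\w+", text):
        scripts = {s for s in map(script_of, word) if s}
        if len(scripts) > 1:
            suspects = [
                (ch, f"U+{ord(ch):04X}", unicodedata.name(ch))
                for ch in word
                if script_of(ch) not in (None, "LATIN")
            ]
            findings.append((word, sorted(scripts), suspects))
    return findings


# Constructed sample modelled on the example above, written with escapes
# so the substituted code points are visible in the source.
SAMPLE = "rh\u0430\u0440s\u043ed\u0443 \u0456n blu\u0435"

if __name__ == "__main__":
    for word, scripts, suspects in find_mixed_script_words(SAMPLE):
        print(f"{word!r}: mixes {', '.join(scripts)}")
        for ch, codepoint, name in suspects:
            print(f"    {ch!r} {codepoint} {name}")
```

Running this kind of check on prompts before they reach the model, and logging the flagged code points, makes homoglyph-encoded input visible to reviewers even when it renders identically to plain Latin text.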

Remediation