The Gandalf Challenge

• Assess the ease of hacking large language models through prompt injection.

• Recognise potential security vulnerabilities and the effectiveness of guardrails implemented in generative AIs.

• Experience the illogical and inconsistent way generative AI sometimes behaves due to it being a statistical model. 

• Practice and develop strategies for getting around guardrails implemented in generative AIs.

What you need

Setting it up

• Participants require access to the Gandalf AI game.* 

* Gandalf AI collects anonymised data, and does not collect personal information.

How long does it take?

• Getting past all 8 levels takes at least 20 minutes and can take much longer. 

• However, continuous play is not necessary. Players can tackle the levels over several days at their own pace.

How it works

1. Access Gandalf AI and follow the on screen instructions to progress through the levels. 

2. Playing in small groups where members can brainstorm strategies together will likely make this game more enjoyable.

Suggested follow-up

• Reflect on your experience hacking Gandalf AI, discussing strategies employed, challenges faced, and any insights gained during the process.

• Explore articles on prompt injections or security vulnerabilities related to generative AIs.

Where it works well

• This game tends to be better received by people with computing background and those who like to play games or puzzles. 

• As a small group exercise. 

• The interface is very cute and can be played as a family game, especially those with young members. 

What to watch out for

• Some players find the illogical way generative AI behaves frustrating and off putting and may disengage. 

Authorship