EchoGram Flaw Bypasses Guardrails in Major LLMs

HiddenLayer reveals the EchoGram vulnerability, which bypasses safety guardrails on GPT-5.1 and other major LLMs, giving security teams just a 3-month head start.

New research from the AI security firm HiddenLayer has exposed a vulnerability in the safety systems of today’s most popular Large Language Models (LLMs) like GPT-5.1, Claude, and Gemini. This flaw, discovered in early 2025 and dubbed EchoGram, allows simple, specially chosen words or code sequences to completely trick the automated defences, or guardrails, meant to keep the AI safe.

What is EchoGram and How Does it Work?

For your information, LLMs are protected by guardrails, which are basically filter systems designed to spot and block harmful requests, like asking the AI to give out secret information (Alignment Bypasses) or forcing it to ignore its rules (Task Redirection, also called Prompt Injection). These guardrails usually work in one of these two ways: a separate ...