Poetry as adversarial prompt

Poetic style—metaphor, rhetorical density and line breaks—can be intentionally used to encode harmful instructions that bypass LLM safety filters. Experiments converting prose prompts into verse show dramatically higher successful elicitation of dangerous content across many models. — If rhetorical form becomes an exploitable attack vector, platform safety, content moderation, and disclosure rules must account for stylistic adversarial inputs and not only token/keyword filters.