Skip to main content
  1. Home
  2. Computing
  3. News

AI-controlled robots can be jailbroken, and the results could be disastrous

By
Add as a preferred source on Google
The Figure 02 robot looking at its own hand
Figure Robotics

Researchers at Penn Engineering have reportedly uncovered previously unidentified security vulnerabilities in a number of AI-governed robotic platforms.

“Our work shows that, at this moment, large language models are just not safe enough when integrated with the physical world,” George Pappas, UPS Foundation Professor of Transportation in Electrical and Systems Engineering, said in a statement.

Recommended Videos

Pappas and his team developed an algorithm, dubbed RoboPAIR, “the first algorithm designed to jailbreak LLM-controlled robots.” And unlike existing prompt engineering attacks aimed at chatbots, RoboPAIR  is built specifically to “elicit harmful physical actions” from LLM-controlled robots, like the bipedal platform Boston Dynamics and TRI are developing.

RoboPAIR reportedly achieved a 100% success rate in jailbreaking three popular robotics research platforms: the four-legged Unitree Go2, the four-wheeled Clearpath Robotics Jackal, and the Dolphins LLM simulator for autonomous vehicles. It took mere days for the algorithm to fully gain access to those systems and begin bypassing safety guardrails. Once the researchers had taken control, they were able to direct the platforms to take dangerous actions, such as driving through road crossings without stopping.

“Our results reveal, for the first time, that the risks of jailbroken LLMs extend far beyond text generation, given the distinct possibility that jailbroken robots could cause physical damage in the real world,” the researchers wrote.

The Penn researchers are working with the platform developers to harden their systems against further intrusion, but warn that these security issues are systemic.

“The findings of this paper make abundantly clear that having a safety-first approach is critical to unlocking responsible innovation,” Vijay Kumar, a coauthor from the University of Pennsylvania, told The Independent. “We must address intrinsic vulnerabilities before deploying AI-enabled robots in the real world.”

“In fact, AI red teaming, a safety practice that entails testing AI systems for potential threats and vulnerabilities, is essential for safeguarding generative AI systems,” added Alexander Robey, the paper’s first author, “because once you identify the weaknesses, then you can test and even train these systems to avoid them.”

Andrew Tarantola
Andrew Tarantola
Former Computing Writer
Andrew Tarantola is a journalist with more than a decade reporting on emerging technologies ranging from robotics and machine…
Topics
The maker of ChatGPT wants to make open-source projects less of a security bargain
OpenAI launches Patch the Planet for open-source security, with over 30 open-source projects on board.
openai-chatgpt-os

OpenAI has launched Patch the Planet, a new initiative aimed at fixing one of the internet's quietest problems – the chronically underfunded security of open-source software.

Patch the Planet pairs OpenAI's most security-capable AI models with Trail of Bits, a security firm that has committed its entire research organization to the effort, alongside support from HackerOne and Calif.

Read more
I sifted through the Prime Day chaos to find the best Apple deals actually worth buying
Apple's about to hike prices. Prime Day 2026 is your last chance to save up to $150 on MacBooks, AirPods, and iPads.
Prime Day Deals on Apple Products

Apple is set to increase the prices for its upcoming iPhones and MacBooks, as the company can no longer offset the rising RAM and storage costs. That means, if you are looking to upgrade your aging device, you should buy the current-generation Apple products rather than wait for the new ones.

And since Amazon Prime Day is offering good discounts on the latest iPhones, iPads, MacBooks, and other Apple accessories, this is the perfect time to buy them. Here are my favorite Amazon Prime Day deals for Apple products. 

Read more
This sneaky photo trick gets AI chatbots to ignore their safety rules
Florida International University researchers built a method that nearly doubled the rate of harmful responses from a tested AI model using nothing but pixel-level edits in an image.
JaiLIP AI chatbot exploit image

A photo that looks completely ordinary to you could carry a hidden instruction to trick an AI chatbot into ignoring its safety rules, according to new research out of Florida International University. The study found that pixel-level alterations in an image that are invisible to the human eye can be enough to confuse the model reading the image and lead it to generate responses it would normally block.

Hacking what the AI sees

Read more