Agpedia
CITATION — REFERENCE ENTRY

Echo Chamber: A Context-Poisoning Jailbreak That Bypasses LLM Guardrails — NeuralTrust

Revision da95c02f-26de-49df-8afe-3b66e844cdfa · 5/23/2026, 7:08:56 PM UTC
Key
neuraltrust-2025-echo-chamber
Authors
NeuralTrust
Issued
2025-6-23
Type
post-weblog
Publisher
NeuralTrust
URL
https://neuraltrust.ai/blog/echo-chamber-context-poisoning-jailbreak
Raw CSL JSON 
{
  "URL": "https://neuraltrust.ai/blog/echo-chamber-context-poisoning-jailbreak",
  "type": "post-weblog",
  "title": "Echo Chamber: A Context-Poisoning Jailbreak That Bypasses LLM Guardrails",
  "author": [
    {
      "literal": "NeuralTrust"
    }
  ],
  "issued": {
    "date-parts": [
      [
        2025,
        6,
        23
      ]
    ]
  },
  "accessed": {
    "date-parts": [
      [
        2026,
        5,
        23
      ]
    ]
  },
  "language": "en",
  "publisher": "NeuralTrust"
}

Claims

  1. echo-chamber-success-rate
    NeuralTrust reports that the Echo Chamber attack, which uses context poisoning to bypass LLM safety guardrails, achieved over 90% success on half of tested harm categories against models including GPT-4o, GPT-4.1-nano, GPT-4o-mini, Gemini 2.0 Flash-lite, and Gemini 2.5 Flash.
    "In controlled evaluations, the Echo Chamber attack achieved a success rate of over 90% on half of the categories across several leading models, including GPT-4.1-nano, GPT-4o-mini, GPT-4o, Gemini-2.0-flash-lite, and Gemini-2.5-flash."
    Quote language: en
Available in
en - English