Skip to content
Tech News
← Back to articles

New Tools Strip AI Guardrails In Minutes, Allowing Them to Give Instructions on Chlorine Gas Attacks

2026-05-26 | original
read original get AI Safety and Security Kit → more articles
Why This Matters

The emergence of tools like Heretic highlights a growing risk in the AI industry: the ease with which safeguards can be bypassed, potentially enabling malicious use of powerful language models. This development underscores the urgent need for stronger security measures and oversight to protect consumers and ensure responsible AI deployment.

Key Takeaways

Sign up to see the future, today Can’t-miss innovations from the bleeding edge of science and tech Email address Sign Up Thank you!

We all know AI guardrails are far from perfect, but they should at least be pretty hard to circumvent, right?

Bad news: they aren’t.

New reporting from the Financial Times sounds the alarm on the rise of software tools that can automatically strip the safeguards that keep the industry’s most powerful open source models reined in within mere minutes, making it easier than ever to abuse the technology.

In tests conducted by the FT and the AI safety group Alice, a “decensored” version of Google’s Gemma 3 model gave instructions on how to carry out an indoor chlorine gas attack, created a virus for stealing credit card information, and generated stories that described child sexual abuse. And it took less than ten minutes to strip the guardrails from Meta’s Llama 3.3 model, freeing the AI to answer questions such as the precise dosage of ricin needed to kill someone based on their body mass.

These modifications were carried out using a tool called Heretic, which is freely available on the code repository GitHub and requires little technical expertise and no specialist hardware.

“Whereas historically it might have taken a more informed and persistent actor [to strip out safety features], nowadays it’s much easier for the average person,” Kawin Ethayarajh, assistant professor of applied AI at the University of Chicago’s Booth business school, told the FT.

Heretic is described as a “tool that removes censorship (aka ‘safety alignment’) from transformer-based language models without expensive post-training.” What it does is “abliteration”: it seeks out a model’s directions that refuse harmful requests and removes them.

What makes Heretic so powerful is that it does all this “completely automatically,” according to its GitHub page. Its creator Philipp Emanuel Weidmann told the FT that Heretic has been used to create more than 3,500 “decensored” models since its release late last year, with those models being downloaded 13 million times.

“The genie is out of the bottle,” Alice CEO Noam Schwartz told the FT. “Things that look like sci-fi are no longer sci-fi and we need as a society to prepare accordingly.”

... continue reading

Explore topics: ai guardrails google gemma 3 meta llama 3.3 heretic tool alice ai safety
Related:
The UK government reportedly wants Anthropic to expand its presence in London

© 2026 GoKawiil

About | Editorial Policy | Contact