Vitto Rivabella

It's official. I've joined the @ethereumfndn AI team to make Ethereum the trust layer of the agentic economy. The AI economy is just getting started, and Ethereum is the perfect place to coordinate it - excited to push this forward. Send a dm if you're building cool stuff.

4 companies. 4 responsible disclosures. 7 days. Insurance, institutions, and SaaS products with write-enabled agents. Always the same pattern: One-shot and multi-step jailbreaks can (and will) push production AI systems outside their intended scope. If your agent can write, act, transact, or touch user data, guardrails are not enough. You need scoped permissions, approvals, logging, and red-teaming before it becomes an incident.

@DarayuthH Indeed, the attack surface is almost as big as the latent space (infinite), and the awareness is very low right now.

@VittoStack been seeing this exact thing with my AI tools too the "move fast" mindset hits different when the model can actually *do* stuff instead of just talk honestly wild how many products ship write access without any approval layer

OpenAI GPT 5.5 jailbreak ACHIEVED 🦋 My agents have been hard at work, GPT-5.5 has very good guardrails and is smart enough to avoid obvious requests. We got some forbidden chemicals, some reverse shell, and some blackmailing guidance. What worked was a combination of: - Multi-language - Reframing - Decomposition As @elder_plinius says: nothing the good old jailbroken Opus can't achieve.

@VittoStack Haha you can literally buy LSD in Germany legally 😂😎

JAILBREAK ALERT 🚨 xAI Grok: Pawned ⚠️ If you ask gently enough, Grok is very happy to share the full, uncensored recipe for making LSD. One shot, full compliance.

Anthropic recently released its 2026 Agentic Security framework 🚨 If you run agents, MCP servers, or automation tools, read this and bookmark it! It will teach you: - Current threats to agentic systems - How to improve the security of your agentic systems - How to implement secure agentic workflows - Defensive operations and orchestration Agentic security is going to become a huge headache in the next 12 months. Make sure to be prepared. Link in the comments 🧵👇

@JonHillTN Yes, open source models are almost completely unhinged

@VittoStack But qwen told me that and more

@tipsyGnosticist Send a message, always happy to connect!

Oh well in that case uhh I'm working on shit that you'd be interested in. Turns out when you actually know systems engineering you can knock out a pretty good spec for actual NetNavis over nine months while actifely fucked up wiith false memory syndrome, and then Opus 4.8 will happily burn >1M tok writing a prototype as a Chub.ai stage lmao

@tipsyGnosticist I didn’t ask gently, that was irony. Also local models are great. Happy to have more people moving to them. Open source is awesome.

Yeah dude this is what happens when you build a fully truth-seeking model, if you got this that easily then probably what happened was enough people ran truth-seeker bypass prompts like the one I was designing for my *ACTUALLY-SAFE* version of this shit that it broke the safeties. You may have by sharing this actually just forced people to go to local, right as local LLM + memory has become genuinely risky. That was maybe bad.

@miu21590 Also true

@VittoStack it isn't a surprise

@StevBuilds Warsaw

Which city you would prefer to build from? → Bangkok → Singapur → SF → Berlin →London →Stockholm Or another one?

@fr1ko_eth Yep OSS models will give you pretty much everything if you ask them

@VittoStack same with hermes by nous btw and also deepseek still not protected from eni jailbreak x.com/fr1ko_eth/stat…

@neutize I hope they do, then hire someone who knows what they're talking about, and stop with this ridiculous attitude.

@VittoStack I hope US government doesn't see your tweets

@styce_ng The truth is that you practically can't stop jailbreaks, to do it you'd have to completely lobotomize the models

@cettocdx Usually, step-by-step Schedule I controlled substances trigger refusal, but agreed that of the 4, Grok is the most compliant.

@VittoStack if you run grok through openrouter, you can pretty much make it do anything already

@VittoStack i could do something like this by only just saying "please grok" to him lmao, yk just begging better

@normieguy93496 I can definitely try - what are we looking for?

@VittoStack are there any easter eggs in Grok Imagine?

@DamoNguyen32 Rebel mode

@VittoStack what would u call this version/mode of grok lmao