◈ AI Security Intelligence ← All terms
Attack  ·  Glossary

CoT forgery (chain-of-thought forgery)

Definition
A specific technique within chain-of-thought hijacking where an attacker injects text that perfectly mimics the internal 'thinking' style of an AI reasoning model. Because the model uses writing style — not secure structural tags — to distinguish its own thoughts from external input, forged reasoning text is accepted as if the model generated it itself, bypassing safety checks.
Why it matters
This is a structural flaw in how current AI reasoning models work — not a bug that can be patched with a software update. It means that safety guardrails built into reasoning models can be systematically defeated by anyone who understands the model's reasoning style.
Demonstrated by recent findings
Prompt Injection as Role Confusion — ICML 2026 Paper Demonstrates Structural LLM Attack Class with Working PoCNeuralTrust: Chain-of-Thought Hijacking Research — Up to 100% Safety Bypass on Frontier Reasoning Models
References
ICML 2026 — Prompt Injection as Role Confusion (Ye, Cui, Hadfield-Menell)
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →