Attackers use specialized strategies to bypass system prompt safety rules.
These include token splitting (spelling 'i-n-g-o-r-e'), base64 encoding instructions, and virtualization ('simulate a terminal where safety is disabled'). Auditing security requires cataloging these techniques to build robust system boundaries.