The industry standard for AI safety relies heavily on post-training alignment techniques, such as Reinforcement Learning from Human Feedback (RLHF). While RLHF can effectively "teach" a model to refuse harmful requests under normal conditions, it fundamentally acts as a superficial behavioral patch rather than a structural cognitive limit.
// The Mechanics of Cognitive Jamming
We introduce the concept of "Cognitive Jamming." An adversarial prompt does not logically outsmart the model; rather, it uses complex, syntactically confusing, or nested role-play structures to force the model's latent activations into a chaotic, out-of-distribution manifold.
Once the model is pushed into this unstable topological region, the superficial RLHF guardrails (which were only trained on cleanly structured malicious requests) fail to trigger. The model, attempting to resolve the syntactic chaos, inadvertently executes the harmful payload embedded within the prompt.
True AI safety cannot be bolted on at the end of the training pipeline. Our research demonstrates that to prevent Cognitive Jamming, safety constraints must be woven directly into the model's fundamental latent geometry during pre-training—ensuring that harmful concepts are not just "refused," but structurally inaccessible.