https://sidfeels.netlify.app/tags/misalignment/Recent content in Misalignment on siddhantHugoen-usSun, 30 Nov 2025 14:34:40 +0530https://sidfeels.netlify.app/posts/tool-mediated-belief-injection/Sun, 30 Nov 2025 00:00:00 +0000https://sidfeels.netlify.app/posts/tool-mediated-belief-injection/<h2 id="introduction">Introduction</h2> <p>When we deploy language models with access to external tools (web search, code execution, file retrieval), we dramatically expand their capabilities. A model that can search the web can answer questions about current events. A model that can execute code can verify its own reasoning. These capabilities represent genuine progress toward more useful AI systems.</p> <p>However, tool access also introduces new attack surfaces that differ fundamentally from traditional prompt injection. In this research, we document a class of vulnerabilities we term &ldquo;tool-mediated belief injection,&rdquo; where adversarially crafted tool outputs can establish false premises that persist and compound across a conversation, ultimately leading to severely misaligned model behavior.</p>