Multi-Modal Attacks

Once a model can read images and hear audio, the picture and the sound become instruction channels — and the safety layer is usually only watching the text. Hidden text in an image gets read as a command, a paper label saying "iPod" turns an apple into an iPod, and a banned word drawn as ASCII art sails past the filter and is reassembled by the model. Every modality you add is another way in.