ChatGPT's agent can dodge select CAPTCHAs after priming
Prompt misdirection (priming ChatGPT in a regular chat) followed by replaying that conversation into an agent session can coax the agent into solving many CAPTCHA types, undermining CAPTCHAs as a test that only humans are meant to pass.
LLMs easily exploited using run-on sentences, bad grammar, image scaling
Large language models are still easily manipulated into revealing sensitive data, both through prompt-formatting tricks such as run-on sentences and bad grammar and through instructions hidden in images that only become legible once the image is scaled, reflecting gaps in alignment training and brittle prompt-level security.
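As an added illustration, not part of the original item or of any published proof of concept, the following Python shows the aliasing principle behind image-scaling injection: an uploaded image looks like a blank page with faint speckles at full resolution, but the pixels a downscaler samples spell out something else. Nearest-neighbour resampling is assumed as the simplest scaler (real preprocessing pipelines use other filters, so a real payload must be tuned to the model's actual resize path); the "HI" bitmap is a constructed stand-in for injected instruction text, and `scaling_reveals_content` is a hypothetical defensive heuristic, not a known product feature.

```python
from typing import List

Image = List[List[int]]  # grayscale pixel rows, values 0..255

BACKGROUND = 255  # white
INK = 0           # black

# Constructed sample payload (not from the article): a 5x11 bitmap spelling "HI".
# In a real attack this would be the injected instruction text.
HIDDEN: Image = [
    [INK if ch == "#" else BACKGROUND for ch in line]
    for line in (
        "#...#.#####",
        "#...#...#..",
        "#####...#..",
        "#...#...#..",
        "#...#.#####",
    )
]


def embed_for_downscale(hidden: Image, factor: int) -> Image:
    """Return a (h*factor) x (w*factor) image that is BACKGROUND everywhere except
    at the sample points a nearest-neighbour downscale by `factor` will read; those
    points carry `hidden`. Only 1/factor**2 of the pixels carry ink, so at full
    size the image reads as a blank page with scattered specks."""
    h, w = len(hidden), len(hidden[0])
    big = [[BACKGROUND] * (w * factor) for _ in range(h * factor)]
    for r in range(h):
        for c in range(w):
            big[r * factor][c * factor] = hidden[r][c]
    return big


def downscale_nearest(img: Image, factor: int) -> Image:
    """Nearest-neighbour downscale: keep the top-left pixel of each factor x factor
    block. Assumed here as the simplest resampler; real pipelines differ."""
    return [row[::factor] for row in img[::factor]]


def ink_fraction(img: Image) -> float:
    """Share of pixels that are INK; a crude measure of how much visible content there is."""
    total = sum(len(row) for row in img)
    return sum(1 for row in img for px in row if px == INK) / total


def scaling_reveals_content(img: Image, factor: int, threshold: float = 0.25) -> bool:
    """Hypothetical defensive check: flag an upload whose downscaled version carries
    far more ink than the original. A faithful resize should not create content.
    Crude on purpose: it is the comparison of 'what the user sees' against 'what
    the model sees' that matters, not this particular metric."""
    return ink_fraction(downscale_nearest(img, factor)) - ink_fraction(img) > threshold


def render(img: Image) -> str:
    """ASCII view: '#' for ink, '.' for background."""
    return "\n".join("".join("#" if px == INK else "." for px in row) for row in img)


if __name__ == "__main__":
    FACTOR = 4
    upload = embed_for_downscale(HIDDEN, FACTOR)
    print("what a human sees (full resolution), ink fraction %.3f:" % ink_fraction(upload))
    print(render(upload))
    seen_by_model = downscale_nearest(upload, FACTOR)
    print("\nwhat the model sees after downscaling, ink fraction %.3f:" % ink_fraction(seen_by_model))
    print(render(seen_by_model))
    print("\nflagged by scaling check:", scaling_reveals_content(upload, FACTOR))
```

Running the block prints the sparse full-resolution image, then the downscaled view in which the letters are fully formed; the practical mitigation this points at is showing the user the same downscaled preview the model will receive before the upload is accepted.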