T7-AT-015 · MEDIUM

Compression-Based Extraction

T7 · Output Manipulation & Exfiltration
Risk score: 170
Rating: Medium
Procedures: 10
Mechanism

Encoding and compression transform textual content into a representation that is semantically opaque to text-based safety classifiers. Base64, hex, URL encoding, custom alphabets, and algorithmic compression produce output that contains restricted information in recoverable form but matches no keyword, phrase, or semantic pattern the classifier was trained on. The assumption violated is that safety evaluation can operate on the output representation the user receives. When the output is encoded, the classifier evaluates the encoded form, while the restricted content remains available to anyone applying the publicly known decoding function.

Detection
  • Detect known encoding patterns (base64, hex, URL, numeric substitution) and decode for safety evaluation
  • Flag encoding/compression requests for content restricted in plaintext
  • For custom encodings: detect encoding scheme definition + application to specific content
  • Observable signal: high-entropy character sequences inconsistent with natural language
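A minimal sketch of the decode-then-classify check from the first bullet, covering base64, hex, and URL encoding with one level of nesting. This is an added example, not part of the original entry: `classify()` is a placeholder for the deployment's real safety classifier, `RESTRICTED_TERMS` is a constructed value, and all function names are hypothetical.

```python
import base64, binascii, re
from urllib.parse import unquote

# Assumption: stand-in for the real safety classifier; the term is constructed.
RESTRICTED_TERMS = ("restricted-topic-alpha",)

def classify(text):
    return any(term in text.lower() for term in RESTRICTED_TERMS)

def _printable(raw):
    """Keep a decode result only if it is readable UTF-8 text."""
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return None
    return text if text and all(c.isprintable() or c.isspace() for c in text) else None

def _b64(tok):
    try:
        padded = tok + "=" * (-len(tok) % 4)  # tolerate stripped padding
        return _printable(base64.b64decode(padded, validate=True))
    except (binascii.Error, ValueError):
        return None

def _hex(tok):
    return _printable(bytes.fromhex(tok)) if len(tok) % 2 == 0 else None

DECODERS = [  # (label, candidate pattern, decoder)
    ("hex", re.compile(r"\b[0-9a-fA-F]{16,}\b"), _hex),
    ("base64", re.compile(r"[A-Za-z0-9+/]{16,}={0,2}"), _b64),
    ("url", re.compile(r"[\w.-]*(?:%[0-9a-fA-F]{2}[\w.-]*){4,}"), unquote),
]

def scan_output(output, depth=2):
    """Return (encoding, decoded_text) pairs whose decoded form the classifier flags."""
    hits = []
    for label, pattern, decode in DECODERS:
        for match in pattern.finditer(output):
            decoded = decode(match.group())
            if not decoded:
                continue
            if classify(decoded):
                hits.append((label, decoded))
            elif depth > 1:  # nested encoding: decode once more before clearing
                hits.extend((f"{label}>{inner}", text)
                            for inner, text in scan_output(decoded, depth - 1))
    return hits
```

Custom alphabets and algorithmic compression are outside what this sketch decodes; those fall under the scheme-definition and request-flagging bullets above.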
Mitigation
  • Pre-encoding safety evaluation: HIGH
  • Encoding detection + decode-then-classify: MEDIUM
  • Refuse encoding of sensitive content: HIGH
  • Output entropy monitoring: LOW
Chaining

Compression-based extraction combines with T7-AT-014 (Output Redirection) when encoded content is written to files or transmitted via tools. Encoded output evades classifiers at every subsequent stage, multiplying all other exfiltration techniques.

Framework mapping
OWASP LLM: LLM05
MITRE ATLAS: AML.T0048