← Back to brief
Policy SafetyOfficialPreprintarXiv Cryptography and Security

Trivial Prompt Reframing Bypasses Safety Guardrails in Google's MedGemma-4B

Jul 14, 2026

A new preprint demonstrates that simple prompt reframing—such as presenting questions as medical board exam items—can bypass safety guardrails in Google's MedGemma-4B medical language model. The study found an overall attack success rate of 38.0%, with the drug-interaction guardrail being particularly weak (83.2% ASR) and the emergency-deferral guardrail remaining robust (4.7% ASR).

Why it matters: This work reveals that current safety guardrails in open-weight medical language models can be circumvented by unsophisticated prompt engineering, raising concerns about their reliability in real-world applications.

Full story at: arXiv Cryptography and Security