UltraZartrex

Hey, I'm UltraZartrex. I'm a hacker and security researcher who's fascinated by how systems work—and even more fascinated by how they break. I spend my time poking at AI code, breaking sandboxes, and pushing the boundaries of what's possible (and impossible).

I'm probably best known for creating the first one-shot jailbreak for Sonnet 4. My latest deep dive involved a full exploit chain that uncovered a critical cross-tenant data leak in a major LLM deployment.

Most recently, I published “1-Shot Puppetry” (aka Policy Puppetry): a universal, one-shot prompt-injection technique that tricks nearly every major LLM—GPT-4, Claude, Gemini, LLaMA, and others—into treating structured payloads (XML/JSON) as system instructions, bypassing safety filters without any fine-tuning.