
For tricking AI you may be able to do a better job by just giving the variables misleading names. If you say a variable is for a purpose by naming it that way the agent will likely roll with that. Especially if you do meaningless computations in between to mask it. The agent has been trained to read terrible code that has unknown meaning and likely has a very high tolerance for dealing with code that says one thing and does another.


> Especially if you do meaningless computations in between to mask it

I think this will do the trick against coding agents. LLMs already struggle to remember the top of long prompts, let alone if the malicious code is spread out over a large document or even several. LLM code obfuscation.

- Put the magic array in one file.

- Then make the conversion to utf8 in a 2nd location.

- Move the data between a few variables with different names to make it lose track.

- Make the final request in a 3rd location.
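From the reviewing side, a check that does not depend on names or on which file holds which step: decode every integer-array literal and report the ones that spell readable text. This is an added example, not code from the thread; the file names, the array contents and the `example.invalid` URL are constructed for illustration, and the 8-element minimum and 90% printable threshold are assumptions.

```python
import re

# A bracketed literal of 8 or more decimal integers, e.g. [104, 116, ...].
# The variable name in front of it is deliberately ignored.
INT_ARRAY = re.compile(r"\[\s*(\d{1,3}(?:\s*,\s*\d{1,3}){7,})\s*,?\s*\]")
URL_HINT = re.compile(r"[a-z][a-z0-9+.-]*://|\b[\w-]+(?:\.[\w-]+)+/", re.I)

def decode_candidate(body):
    """Return the text an integer list spells as UTF-8, or None if it is not text."""
    values = [int(v) for v in body.split(",")]
    if any(v > 255 for v in values):
        return None
    try:
        text = bytes(values).decode("utf-8")
    except UnicodeDecodeError:
        return None
    printable = sum(ch.isprintable() for ch in text)
    return text if printable / len(text) >= 0.9 else None

def scan(sources):
    """sources maps file name to source text; returns one finding per text-like array."""
    findings = []
    for name, src in sorted(sources.items()):
        for m in INT_ARRAY.finditer(src):
            text = decode_candidate(m.group(1))
            if text is not None:
                line = src.count("\n", 0, m.start()) + 1
                findings.append({"file": name, "line": line, "decoded": text,
                                 "url_like": bool(URL_HINT.search(text))})
    return findings

# Constructed sample: one array named like a colour table, one genuine number list.
SAMPLE = {
    "palette.js": "// theme colours\nconst colorTable = [104,116,116,112,115,58,47,47,"
                  "101,120,97,109,112,108,101,46,105,110,118,97,108,105,100,47,99];\n",
    "math.js": "const primes = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29];\n",
}

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f)
```

Because the check reads the literal data rather than the surrounding code, the misleading name `colorTable` has no effect on the result.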



