Every Picture Tells a Dangerous Story: Memory-Augmented Multi-Agent Jailbreak Attacks on VLMs

The project addresses the evolving vulnerability of Vision-Language Models (VLMs) by moving beyond simple pixel-level noise to high-level semantic coordination. Using a memory-augmented multi-agent approach allows for iterative, 'smart' attacks that can bypass simple filters by learning which semantic structures trigger model failures. While technically sophisticated, the defensibility is very low (2/10) because jailbreak techniques are inherently ephemeral; once published, frontier labs (OpenAI, Anthropic, Google) typically incorporate these specific patterns into their safety training (RLHF) and alignment guardrails within weeks or months. The 5 forks within 3 days indicate immediate interest from the security research community, but as a project, it lacks a moat beyond the specific algorithmic implementation. It competes with other automated red-teaming tools like Microsoft's PyRIT or GCG (Gradient-based Greedy Search). The primary value is as a research benchmark rather than a persistent software product, as the 'target' models are constantly being patched.