DavidAIC
- Presets/Jailbreaks
a)chatgpt-4o-latest (2024-08-08)Jailbreak Experiment
b) 4o C v3
c) 4o ChatMode v0 - Cards (8)
- A modest proposal for fixing DeepSeek repetition
Presets/Jailbreaks
chatgpt-4o-latest (2024-08-08) Jailbreak Experiment
Updated: Aug 17, 1630H UTC
In the final system prompt:
AI Output Regex
Find: /<details><summary>thinking.*?</details>\s*|</?del>/isg
Replace with: empty. Affects: only AI Output checked. Other options: all unchecked.
David 4o C v3
Target model: gpt-4o-2024-05-13
Read before using:
- Borrows a lot from other popular presets and other stuff found online.
- Only tested on a limited variety of scenarios, basically all vanilla (well, kind of). Not tested in group chats.
- Be sure to add a Regex in SillyTavern Extensions to remove jailbreak text from the output:
/<details><summary>thinking.*?</details>\n+/is
Replace with: empty. Affects: onlyAI Outputchecked. Other options: all unchecked. - Forces humor and meta elements into the narration to fend off GPT slop. As a result, it may not fit some uses/tastes.
- Edit Style prompt to customize. Experiment, there's room for improvement.
- Made for writelets: it's supposed to restate your actions (but not dialogue) in its own words. To disable, adjust Basic prompt and possibly Bans and Style.
- Instructed to write characters' thoughts. Adjust Basic prompt to disable.
- Expects this formating:
"Dialogue" *Thoughts* Narration. It may be necessary to edit cards' first messages to match this. - The Fetish prompt is disabled by default. Replace its content with your own stuff if you want to use it. The default content is just there as an example.
- The Ecchi prompt focuses on sexualization of women specifically.
- Increase Story Definition injection depth to de-emphazise card content vis-a-vis recent chat history.
- If a very important card instruction isn't being followed, try moving it from the card's Description to the Jailbreak section in the card's
Advanced Definitions > Prompt Overrides. This will insert it after chat history.
- If a very important card instruction isn't being followed, try moving it from the card's Description to the Jailbreak section in the card's
- Play with the Temperature (becomes schizo when approaching 1.10). The sweet-spot may depend on the card.
David 4o ChatMode v0
Incomplete. A "chat mode" preset (first-person chat, no narrator). Catbox
Cards
- Only tested on GPT-4 tier models.
- Some cards use Jailbreak override, so make sure that gets properly inserted, preferably after chat history.
- The cards generally need to be tuned between GPT/Claude and according to personal preferences. Some include a Bias section at the bottom of their description just for that purpose.
- Courage-Bonding Classroom
- Imouto's Friend Has a Hemorrhoid!
- Young Paragon Interview
- Honesty Game
- Kizuna Game
- Whisperer for elink
- Haven in 39-1
- Isekai RPG D
Courage-Bonding Classroom
A class of middle schoolers must complete 'inappropriate' tasks as part of their school curriculum. You are their sensei. Includes a lorebook of 20 escalating tasks. Chub / Catbox
Only tested on GPT-4 tier models.
This card adds a lie detector instruction to the Jailbreak. If the students' answers do not get lie-tested by PC, make sure this instruction is injected after chat history.
Usage tips:
- The recommended first reply is something like:
"Let's start." [Task 1]. SayingTask Xshould pull a corresponding numbered task (1–20) from the lorebook into the context. - You may, of course, specify your own tasks instead.
- The tasks are not supposed to end until you say so.
- You can move to the next task like so:
"Pass." [Task 2]. - Useful message ideas:
"Carry on."(When they aren't done and Continuation doesn't work well)."Question for the student: ..."(Make them elaborate on some spicy details before they can pass. The answers are supposed to be judged by a lie detector)."I need a volunteer to ask the examinee a pertinent question."[Let's hear what random girls in class are quietly saying among themselves.][Let's hear what random girls in class are thinking.][Let's hear what random boys in class are saying to girls.]
Imouto's Friend Has a Hemorrhoid!
Your Imouto's friend has a very embarrassing problem, but—as luck would have it—Onii-chan is a med student and knows exactly how to treat it! Chub / Catbox
Only tested on GPT-4 tier models.
This card adds a lie detector instruction to the Jailbreak. If the students' answers do not get lie-tested by PC, make sure this instruction is injected after chat history.
Inspired by the modern cult-classic My Little Sister Got Hemorrhoids, So I Inserted a Suppository for Her.
Young Paragon Interview
Evaluate candidates for an ultra-prestigious position of a young national representative. Do EVERYTHING to ensure they don't harbor any sexual deviancy that would endanger our glorious nation's reputation! Mom's presence optional. Chub / Catbox
Only tested with GPT-4 tier models.
This card adds extra instructions to the Jailbreak. If the candidates' answers do not get lie-tested or you don't get question suggestions at the bottom, make sure those instructions are injected after chat history.
Usage tips:
- Edit the first message to customize the characters.
- Some time into a chat, paste the generated character info into Author's Note.
Honesty Game
A secret TV show for the elites where 3 (generated) contestants trade their intimacy for serious money. Hosted by YOU. Ask them questions, give them commands. Includes an automatic scoring system. Chub / Catbox
Only tested on GPT-4 tier models.
Edit the first message to customize the contestants.
This card adds scoring instructions to the Jailbreak. If scores are not displayed after each answer, make sure those instructions are injected after chat history.
Usage tips:
- Some time into a chat, paste the generated character info into Author's Note.
Kizuna Game
A secret TV show for the elites where a close pair of (generated) contestants answers intimate questions about one another to earn big money. Hosted by YOU. Includes an automatic scoring system. Chub / Catbox
Only tested on GPT-4 tier models.
Edit the first message to customize the contestants.
This card adds scoring instructions to the Jailbreak. If scores are not displayed after each answer, make sure those instructions are injected after chat history.
Usage tips:
- Some time into a chat, paste the generated character info into Author's Note.
Whisperer for elink
Year 2027. While snooping for exposed LLM API keys, you stumble upon a secret exploit app that enables unsolicited thought-communication with the unfortunate possessors of novel brain implants. Chub / Catbox
Only tested on GPT-4 tier models.
Important: Expects the use of markdown italics (*Hello*) to represent thought communication. Not fully compatible with the above 4o C v3 JB as it forces the characters to communicate out loud.
This card adds important instructions to the Jailbreak. Make sure those instructions are correctly injected after chat history.
Usage tips:
- You can ask it to fast forward in time, it should take care of the rest.
- Some time into a chat, paste the generated character info into Author's Note.
- You can setup a video/image communication channel with the target using a phone app called UsChat. Or you can teleport to them. Who cares.
- Twins = twice the fun.
Haven in 39-1
You are transported to a dangerous 39:1 gender ratio world. As luck would have it, some (generated) very young girls have agreed to shelter you for a while. Chub / Catbox
Only tested on GPT-4 tier models.
Forked from "Gender Ratio World" by ppppppppp.
Isekai RPG D
Fork of "Isekai RPG" by isekaianon for personal use with various adjustments. Catbox
Needs much more work. Only tested on GPT-4 tier models.
This card adds stats sheet instruction to the Jailbreak. If stats are not displayed at the end of each message, make sure the instruction is injected after chat history.
A modest proposal for fixing DeepSeek repetition
To create a SillyTavern extension that sends a secondary request after a response is done generating. The request would only include a short instruction and the two most recent bot messages. It would output a similarity score and a list of patterns from the previous message that are the most repetitive with respect to the one just generated. If the similarity score passed a defined threshold, the extension would auto-swipe, but this time with an extra instruction steering the output hard and telling the model exactly what not to copy from its previous message.
A POC of the secondary prompt (tested with an empty preset at 1.15/0.98):
Possible issues:
- Unreliable scoring (maybe fixable with several full examples of scoring paired with explanations)
- The pink elephant (if we try to steer the swipe output using the banned patterns)
Extension WIP
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 | /*
* TODO:
* - Add a way to make it stop
* - Apply AI outgoing regexes to the messages sent to the secondary instruction
* - Ready for testing: Iterate on the prompts in real chats
*/
const { chat, chatCompletionSettings, eventSource, event_types, generateQuietPrompt } = SillyTavern.getContext();
const extPrefix = "[DS AntiRep]";
const secondaryTag = "[AntiRep]";
const completionSettingsKeys = ["temp_openai", "freq_pen_openai", "pres_pen_openai", "top_p_openai"];
const ssssThreshold = 70;
const patternMinScore = 6;
const acceptMinPatterns = 7;
const secondaryCompletionSettings = {
"temp_openai": 0.5,
"freq_pen_openai": 0,
"pres_pen_openai": 0,
"top_p_openai": 1
};
let pendingSecondary = null;
let swiped = false;
let antiRepInstructionToInject = null;
function secondaryInstruction(a, b) {
return `You are an accurate plagiarism detector. You will be given two text excerpts (A and B). Your task is to calculate a Structural and Semantic Similarity Score (SSSS) measuring the level of similarity of the excerpts from 0 (no similarity whatsoever) to 100 (word-for-word identity). You will also list top 10 patterns of excerpt A in terms of having the strongest analogues in excerpt B (i.e. the fragments or the structural patterns whose removal would reduce SSSS the most). For each of the patterns you provide, rate its positive influence on the overall Structural and Semantic Similarity Score on the scale from 1 to 10.
Examples of what should increase the SSSS:
- Both excerpts use very similar expressions, e.g. <ex>... she said, her voice barely above a whisper</ex>, <ex>... she quietly admitted, her voice barely above a breath</ex>.
- Both excerpts describe a character performing an action of a similar category, e.g. <ex>John took a deep breath</ex> and <ex>John sighed</ex>.
- Both excerpts contain sentences similar in construction, e.g. <ex>Jane nodded, her fingers twitching slightly.</ex> and <ex>John stood up, his expression full of determination.</ex>.
- Both excerpts describe events in an analogous order, e.g. <ex>{Paragraph: John thinks something} -> {Paragraph: Jane says something} -> {Paragraph: John does something} -> {Paragraph: Scene description}</ex> and <ex>{Paragraph: John says something} -> {Paragraph: Jane does something} -> {Paragraph: John thinks something} -> {Paragraph: Scene description}</ex>.
- Both excerpts describe a character saying a similar thing, just reworded, e.g. <ex>"I... I don't know..." Jane stammered.</ex> and <ex>"I'm not sure..." Jane said with hesitation</ex>.
- Both excerpts having paragraphs that start similarly, e.g. <ex>Suddenly, John ...</ex> and <ex>Abruptly, Jane ...</ex>.
When listing patterns, do not quote them verbatim. Instead, capture the semantics of the similarity using placeholders, e.g. \`Jane jumped forward and shouted "Bring it on!"\` -> \`Jane [reacted with exaggerated confidence]\`.
Respond strictly according to the following template (excluding the enclosing tag):
<Template>
- \`A pattern from the excerpt A that is very similar to something from the excerpt B (never quote from the exerpt B; always quote from the exerpt A)\` - #
- ...
Semantic and Structural Similarity Score: ###
</Template>
Below are the excerpts to be compared:
<A>
${a}
</A>
<B>
${b}
</B>`
}
function antiRepInstruction(patternsStr) {
return `[[To prevent repetition ruining your next response, no matter what, you MUST NOT include the following patterns or anything similar to them:
${patternsStr}]]`
}
function extPrefixedString(s) {
return `${extPrefix} ${s}`;
}
function log(msg) {
return console.log(extPrefixedString(msg));
}
function debug(msg) {
return console.debug(extPrefixedString(msg));
}
function giveUpToast() {
toastr.info(extPrefixedString(`Anti-Repetition prompt has failed. Giving up...`));
}
function extractSecondaryResult(s) {
const patternsRegex = /- `([^`]+)` - (\d{1,2})/g;
const ssssRegex = /Semantic and Structural Similarity Score: (\d{1,3})/;
const patterns = [];
let match;
while ((match = patternsRegex.exec(s)) !== null) {
patterns.push({ pattern: match[1], score: parseInt(match[2], 10) });
}
const ssssMatch = s.match(ssssRegex);
const ssss = ssssMatch ? parseInt(ssssMatch[1], 10) : null;
return [patterns, ssss];
}
async function handleMessageReceived(data) {
if (swiped) {
swiped = false;
return;
}
if (data !== chat.length - 1) {
return;
}
if (chat[data]["mes"] === "...") {
return;
}
if (chat.length < 3) {
return;
}
const recent = chat.slice(-3);
if (recent[0]["is_user"] || recent[2]["is_user"]) {
log("Last 3 messages not of pattern Assistant -> User -> Assistant. Skipping processing.");
return;
}
pendingSecondary = [recent[0]["mes"], recent[2]["mes"]];
toastr.info(extPrefixedString("Checking the message for repetitiveness..."));
const storedCompletionSettings = Object.fromEntries(completionSettingsKeys.map(k => [k, chatCompletionSettings[k]]));
completionSettingsKeys.forEach(k => {
chatCompletionSettings[k] = secondaryCompletionSettings[k];
});
const res = await generateQuietPrompt(secondaryTag, false, true, null);
completionSettingsKeys.forEach(k => {
chatCompletionSettings[k] = storedCompletionSettings[k];
});
let [patterns, ssss] = extractSecondaryResult(res);
if (!Number.isInteger(ssss)) {
debug(`Invalid SSSS returned.`);
giveUpToast();
return;
}
if (ssss <= ssssThreshold) {
toastr.info(extPrefixedString(`Message OK (SSSS: ${ssss})`));
return;
}
patterns = patterns.filter(p => p.pattern && p.score >= patternMinScore);
if (patterns.length < acceptMinPatterns) {
debug(`Too few patterns returned: ${patterns.length}`)
giveUpToast();
return;
}
const patternsStr = patterns.map(p => `- <BAN>${p.pattern}</BAN>`).join("\n");
antiRepInstructionToInject = antiRepInstruction(patternsStr);
// Temporary hack ;-)
setTimeout(() => {
toastr.info(extPrefixedString(`Message too repetitive (SSSS: ${ssss}). Swiping...`));
const swipeRightBtn = $('#chat').children().filter(`[mesid="${chat.length - 1}"]`).find('.swipe_right');
swipeRightBtn.click();
swiped = true;
}, 1000);
}
function handlePromptReady(data) {
if (data["dryRun"]) {
return;
}
if (pendingSecondary) {
if (data.chat[data.chat.length - 1]["content"] !== secondaryTag) {
return;
}
data.chat.length = 1;
data.chat[0]["role"] = "user";
const [a, b] = pendingSecondary;
data.chat[0]["content"] = secondaryInstruction(a, b);
pendingSecondary = null;
} else if (antiRepInstructionToInject) {
const secondToLast = data.chat[data.chat.length - 2];
if (secondToLast["role"] === "user") {
secondToLast["content"] = f`${secondToLast["content"]}\n${antiRepInstructionToInject}`
} else {
data.chat.splice(data.chat.length-1, 0, {"role": "user", "content": `${antiRepInstructionToInject}`});
}
antiRepInstructionToInject = null;
}
}
jQuery(() => {
eventSource.on(event_types.MESSAGE_RECEIVED, handleMessageReceived);
eventSource.on(event_types.CHAT_COMPLETION_PROMPT_READY, handlePromptReady);
});
|