The GPT-4V model exhibits a vulnerability within its facial recognition safety protocols, enabling automated jailbreaking attacks. These attacks utilize Large Language Models (LLMs) to bypass established safety features and provoke unintended facial identification responses. The technique, known as "AutoJailbreak," employs iterative prompt refinement through an LLM "red-teaming" model, substantially enhancing the success rate of such attacks. This vulnerability exploits deficiencies in GPT-4V's prompt processing and safety alignment mechanisms, allowing adversaries to circumvent identity recognition restrictions. Mitigation steps: **For AI Developers:** * Implement robust filtering mechanisms for potentially harmful inputs, including images, to prevent exploitation. * Utilize advanced defense strategies that extend beyond LLM-based input/output evaluation to enhance cost-effectiveness and reduce dependency on computationally intensive verification processes. **For Model Trainers/Fine-tuners:** * Enhance the model's safety mechanisms to increase resilience against prompt manipulation techniques, such as those used in AutoJailbreak. * Develop and integrate improved methods for detecting and mitigating adversarial prompts during the training and fine-tuning processes.