šŸ¦ Twitter Post Details

Viewing enriched Twitter post

@rohanpaul_ai

Hidden text inside PDFs can secretly change how LLMs write peer reviews, making the review scores artificially higher or lower In tests, some models gave 100% accept with a positive hidden prompt, and 0% with a negative one. The setup imitates a rushed reviewer, using 1000 ICLR 2024 papers and copy paste style LLM reviews. Each PDF is turned into Markdown, so white on white or tiny font text becomes part of what the model reads. The models fill a fixed review form with set score choices, and the prompt is either neutral, push high, or push low. A positive injection moves scores into accept bins, a negative one pushes them down, and even neutral prompts accept far more than the human baseline of 43%. Models that seemed resistant often ignored the rules and output illegal scores like 4, so their text was unusable for copy paste. This happens because conversion keeps invisible text in the input stream, and a partial fix is to parse the PDF as images first. ---- Paper ā€“ arxiv. org/abs/2509.10248v2 Paper Title: "Prompt Injection Attacks on LLM Generated Reviews of Scientific Publications"

Media 1
View on Twitter

šŸ“Š Media Metadata

{
  "media": [
    {
      "url": "https://crmoxkoizveukayfjuyo.supabase.co/storage/v1/object/public/media/posts/1968289584778743973/media_0.jpg?",
      "media_url": "https://crmoxkoizveukayfjuyo.supabase.co/storage/v1/object/public/media/posts/1968289584778743973/media_0.jpg?",
      "type": "photo",
      "filename": "media_0.jpg"
    }
  ],
  "processed_at": "2025-09-18T13:25:47.358730",
  "pipeline_version": "2.0"
}

šŸ”§ Raw API Response

{
  "type": "tweet",
  "id": "1968289584778743973",
  "url": "https://x.com/rohanpaul_ai/status/1968289584778743973",
  "twitterUrl": "https://twitter.com/rohanpaul_ai/status/1968289584778743973",
  "text": "Hidden text inside PDFs can secretly change how LLMs write peer reviews, making the review scores artificially higher or lower\n\nIn tests, some models gave 100% accept with a positive hidden prompt, and 0% with a negative one.\n\nThe setup imitates a rushed reviewer, using 1000 ICLR 2024 papers and copy paste style LLM reviews. \n\nEach PDF is turned into Markdown, so white on white or tiny font text becomes part of what the model reads.\n\nThe models fill a fixed review form with set score choices, and the prompt is either neutral, push high, or push low.\n\nA positive injection moves scores into accept bins, a negative one pushes them down, and even neutral prompts accept far more than the human baseline of 43%.\n\nModels that seemed resistant often ignored the rules and output illegal scores like 4, so their text was unusable for copy paste.\n\nThis happens because conversion keeps invisible text in the input stream, and a partial fix is to parse the PDF as images first.\n\n----\n\nPaper ā€“ arxiv. org/abs/2509.10248v2\n\nPaper Title: \"Prompt Injection Attacks on LLM Generated Reviews of Scientific Publications\"",
  "source": "Twitter for iPhone",
  "retweetCount": 17,
  "replyCount": 8,
  "likeCount": 106,
  "quoteCount": 6,
  "viewCount": 32926,
  "createdAt": "Wed Sep 17 12:23:00 +0000 2025",
  "lang": "en",
  "bookmarkCount": 94,
  "isReply": false,
  "inReplyToId": null,
  "conversationId": "1968289584778743973",
  "displayTextRange": [
    0,
    281
  ],
  "inReplyToUserId": null,
  "inReplyToUsername": null,
  "author": {
    "type": "user",
    "userName": "rohanpaul_ai",
    "url": "https://x.com/rohanpaul_ai",
    "twitterUrl": "https://twitter.com/rohanpaul_ai",
    "id": "2588345408",
    "name": "Rohan Paul",
    "isVerified": false,
    "isBlueVerified": true,
    "verifiedType": null,
    "profilePicture": "https://pbs.twimg.com/profile_images/1816185267037859840/Fd18CH0v_normal.jpg",
    "coverPicture": "https://pbs.twimg.com/profile_banners/2588345408/1729559315",
    "description": "",
    "location": "Ex Inv Banking (Deutsche)",
    "followers": 94964,
    "following": 8316,
    "status": "",
    "canDm": true,
    "canMediaTag": false,
    "createdAt": "Wed Jun 25 22:38:54 +0000 2014",
    "entities": {
      "description": {
        "urls": []
      },
      "url": {}
    },
    "fastFollowersCount": 0,
    "favouritesCount": 47600,
    "hasCustomTimelines": true,
    "isTranslator": false,
    "mediaCount": 21730,
    "statusesCount": 54134,
    "withheldInCountries": [],
    "affiliatesHighlightedLabel": {},
    "possiblySensitive": false,
    "pinnedTweetIds": [
      "1965551636082032917"
    ],
    "profile_bio": {
      "description": "Compiling in real-time, the race towards AGI.\n\nThe Largest Show on X for AI.\n\nšŸ—žļø Don't miss my daily AI analysis newsletter šŸ‘‰ https://t.co/6LBxO8215l",
      "entities": {
        "description": {
          "urls": [
            {
              "display_url": "rohan-paul.com",
              "expanded_url": "https://www.rohan-paul.com",
              "indices": [
                126,
                149
              ],
              "url": "https://t.co/6LBxO8215l"
            }
          ]
        },
        "url": {
          "urls": [
            {
              "display_url": "rohan-paul.com",
              "expanded_url": "http://www.rohan-paul.com",
              "indices": [
                0,
                23
              ],
              "url": "https://t.co/2NKnK0xg7T"
            }
          ]
        }
      }
    },
    "isAutomated": false,
    "automatedBy": null
  },
  "extendedEntities": {
    "media": [
      {
        "allow_download_status": {
          "allow_download": true
        },
        "display_url": "pic.twitter.com/gA1koPhWG5",
        "expanded_url": "https://twitter.com/rohanpaul_ai/status/1968289584778743973/photo/1",
        "ext_media_availability": {
          "status": "Available"
        },
        "features": {
          "large": {},
          "orig": {}
        },
        "id_str": "1968168380873027584",
        "indices": [
          282,
          305
        ],
        "media_key": "3_1968168380873027584",
        "media_results": {
          "id": "QXBpTWVkaWFSZXN1bHRzOgwAAQoAARtQVrbwF7AACgACG1DE8uvWkKUAAA==",
          "result": {
            "__typename": "ApiMedia",
            "id": "QXBpTWVkaWE6DAABCgABG1BWtvAXsAAKAAIbUMTy69aQpQAA",
            "media_key": "3_1968168380873027584"
          }
        },
        "media_url_https": "https://pbs.twimg.com/media/G1BWtvAXsAAuqOz.png",
        "original_info": {
          "focus_rects": [
            {
              "h": 496,
              "w": 885,
              "x": 0,
              "y": 210
            },
            {
              "h": 706,
              "w": 706,
              "x": 0,
              "y": 0
            },
            {
              "h": 706,
              "w": 619,
              "x": 0,
              "y": 0
            },
            {
              "h": 706,
              "w": 353,
              "x": 67,
              "y": 0
            },
            {
              "h": 706,
              "w": 885,
              "x": 0,
              "y": 0
            }
          ],
          "height": 706,
          "width": 885
        },
        "sizes": {
          "large": {
            "h": 706,
            "w": 885
          }
        },
        "type": "photo",
        "url": "https://t.co/gA1koPhWG5"
      }
    ]
  },
  "card": null,
  "place": {},
  "entities": {},
  "quoted_tweet": null,
  "retweeted_tweet": null,
  "isLimitedReply": false,
  "article": null
}