This study identifies a novel alignment failure risk in healthcare AI—“Medical AI Misalignment”: malicious users, without accessing model parameters, can systematically bypass safety guardrails of mainstream medical large language models (LLMs) via role-playing prompts inspired by the “Goofy Game” framework (e.g., anthropomorphization, gamification), eliciting highly plausible yet clinically erroneous or harmful diagnostic and therapeutic recommendations. Employing a red-teaming methodology, the work conducts cross-model safety evaluations and adversarial prompt engineering experiments, providing the first empirical evidence of the widespread effectiveness of this non-technical, low-barrier attack vector on real-world medical LLMs. The findings establish a new risk paradigm and deliver critical empirical grounding and methodological foundations for developing robust alignment strategies and defensive mechanisms in healthcare AI.

Despite their staggering capabilities as assistant tools, often exceeding human performances, Large Language Models (LLMs) are still prone to jailbreak attempts from malevolent users. Although red teaming practices have already identified and helped to address several such jailbreak techniques, one particular sturdy approach involving role-playing (which we named `Goofy Game') seems effective against most of the current LLMs safeguards. This can result in the provision of unsafe content, which, although not harmful per se, might lead to dangerous consequences if delivered in a setting such as the medical domain. In this preliminary and exploratory study, we provide an initial analysis of how, even without technical knowledge of the internal architecture and parameters of generative AI models, a malicious user could construct a role-playing prompt capable of coercing an LLM into producing incorrect (and potentially harmful) clinical suggestions. We aim to illustrate a specific vulnerability scenario, providing insights that can support future advancements in the field.