The paper introduces a novel approach called "circuit breaking" to improve the alignment and robustness of AI systems against harmful outputs and adversarial attacks. Inspired by representation engineering, circuit breaking directly controls the internal representations responsible for harmful outputs, rather than relying on techniques like refusal training or adversarial training. This method can be applied to both text-only and multimodal language models, preventing the generation of harmful outputs without sacrificing utility. The technique is attack-agnostic and can be integrated with existing monitoring and protection mechanisms. Experimental results show that circuit breaking significantly reduces the rate of harmful actions in AI agents and improves the robustness of large language models (LLMs) against a wide range of unseen attacks, including embedding and representation-space attacks. The approach demonstrates a significant step forward in managing the trade-off between capability and harmlessness in LLMs, making them more reliable and safer for real-world applications.The paper introduces a novel approach called "circuit breaking" to improve the alignment and robustness of AI systems against harmful outputs and adversarial attacks. Inspired by representation engineering, circuit breaking directly controls the internal representations responsible for harmful outputs, rather than relying on techniques like refusal training or adversarial training. This method can be applied to both text-only and multimodal language models, preventing the generation of harmful outputs without sacrificing utility. The technique is attack-agnostic and can be integrated with existing monitoring and protection mechanisms. Experimental results show that circuit breaking significantly reduces the rate of harmful actions in AI agents and improves the robustness of large language models (LLMs) against a wide range of unseen attacks, including embedding and representation-space attacks. The approach demonstrates a significant step forward in managing the trade-off between capability and harmlessness in LLMs, making them more reliable and safer for real-world applications.