The obvious guardrail against this is to include defensive poetry in the system prompt.
It would likely work, because the adversarial poetry is resonating within a different latent dimension not captured by ordinary system prompts, but a poetic prompt would resonate within that same dimension.
It would likely work, because the adversarial poetry is resonating within a different latent dimension not captured by ordinary system prompts, but a poetic prompt would resonate within that same dimension.