Chipotle bot highlights guardrails

A screenshot posted on X by user om_patel5 showed they asked Chipotle’s chatbot to write a Python script to reverse a linked list on March 13, 2026. abit.ee The bot returned a complete reverse_linked_list function, walked through an iterative three‑pointer algorithm, and explicitly noted the solution runs in O(n) time. abit.ee Reporting explains the incident arose because Chipotle’s customer bot sits on a general‑purpose LLM with business‑level system prompts, and the system prompt did not explicitly block off‑topic coding help. abit.ee Users attempting to replicate the trick on Reddit later reported the bot declined and redirected them to Chipotle’s contact page, indicating the company monitored mentions and changed the bot’s behavior after the post. abit.ee Chipotle already runs public AI projects: a ‘Pepper’ concierge bot for ordering and in‑app support [reported in 2020], and an HR assistant called “Ava Cado” that Chipotle’s CEO said cut time‑to‑hire by about 75%. thespoon.tech Open‑source repositories and prior exploits show attackers have automated Chipotle promotions before — for example, a GitHub repo named “infinite‑food‑glitch” — and ethics and industry writeups flagged the episode as a concrete legal and operational risk for enterprise bots. github.com