a ger, Tom and Elstner, Jannes and Geisler, Simon and Cohen-Addad, Vincent and G \
3 Pith papers cite this work. Polarity classification is still indexing.
citing papers explorer
- PRISM: Recovering Instruction Sets from Language Model Activations
  PRISM is a new activation-conditioned model that recovers full sets of simultaneous instructions from LLM hidden states via judge-guided GRPO training and outperforms prior activation-to-language methods on security-relevant tasks.
- Off-Distribution Voices: Fanfiction Subgenres as Universal Vernacular Jailbreaks for Aligned LLMs
  Fanfiction subgenres from AO3 function as universal register-based jailbreaks, raising mean attack success rate from 0.278 to 0.731 across eight aligned LLMs on HarmBench and JailbreakBench.
- SafeDream: Safety World Model for Proactive Early Jailbreak Detection
  SafeDream uses a safety world model, CUSUM accumulation, and contrastive latent-space imagination to detect multi-turn jailbreaks 1.06-1.20 turns early on average across benchmarks while keeping competitive false-positive rates.