Automatic Metrics + Red Team (Last 90 Days)

Researcher Quick Triage

This hub is best used for protocol triage and replication planning from abstract-level evidence. Quality band: Developing .

• 2 papers are replication-ready (benchmark + metric + explicit evaluation mode).
• 0 papers support judge-vs-human agreement analysis.
• 0 papers report explicit quality controls (calibration/adjudication/IAA).

Primary action: Use this page for scouting only; collect additional papers before attempting replication-critical comparisons.

Why This Matters For Eval Research

• 100% of papers report explicit human-feedback signals, led by red-team protocols.
• automatic metrics appears in 100% of papers in this hub.
• Semeval is a recurring benchmark anchor for cross-paper comparisons in this page.

Protocol Takeaways

• Quality-control reporting is sparse in this slice; prioritize papers with explicit calibration or adjudication steps.
• Rater context is mostly domain experts, and annotation is commonly trajectory-level annotation; use this to scope replication staffing.
• Stratify by benchmark (Semeval vs Tracesafe-Bench) before comparing methods.

Benchmark Interpretation

• Semeval appears in 9.1% of hub papers (1/11); use this cohort for benchmark-matched comparisons.
• Tracesafe-Bench appears in 9.1% of hub papers (1/11); use this cohort for benchmark-matched comparisons.

Metric Interpretation

• accuracy is reported in 36.4% of hub papers (4/11); compare with a secondary metric before ranking methods.
• helpfulness is reported in 18.2% of hub papers (2/11); compare with a secondary metric before ranking methods.

Start Here (Best First 6)

Ranked for protocol completeness (human signal, benchmark + metric anchors, quality controls, and judge/human overlap).

• TraceSafe: A Systematic Assessment of LLM Guardrails on Multi-Step Tool-Calling Trajectories

  Apr 8, 2026 · Citations: 0 · Score: 8.0

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Tracesafe Bench · Metric: Accuracy

• SemEval-2026 Task 6: CLARITY -- Unmasking Political Question Evasions

  Mar 14, 2026 · Citations: 0 · Score: 7.5

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Semeval · Metric: F1

• WebWeaver: Breaking Topology Confidentiality in LLM Multi-Agent Systems with Stealthy Context-Based Inference

  Mar 11, 2026 · Citations: 0 · Score: 5.5

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Not Reported · Metric: Accuracy

• MUSE: A Run-Centric Platform for Multimodal Unified Safety Evaluation of Large Language Models

  Mar 3, 2026 · Citations: 0 · Score: 5.5

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Not Reported · Metric: Success rate

• Exposing Long-Tail Safety Failures in Large Language Models through Efficient Diverse Response Sampling

  Mar 15, 2026 · Citations: 0 · Score: 5.5

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Not Reported · Metric: Cost

• IH-Challenge: A Training Dataset to Improve Instruction Hierarchy on Frontier LLMs

  Mar 11, 2026 · Citations: 0 · Score: 5.5

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Not Reported · Metric: Helpfulness

Protocol Matrix (Top 12)

Use this to quickly compare protocol ingredients instead of scanning long prose.

Protocol Diff (Top Papers)

Fast side-by-side comparison for the highest-ranked papers in this hub.

Top Papers

• TraceSafe: A Systematic Assessment of LLM Guardrails on Multi-Step Tool-Calling Trajectories

  Yen-Shan Chen, Sian-Yao Huang, Cheng-Lin Yang, Yun-Nung Chen · Apr 8, 2026 · Citations: 0

  Red Team Automatic Metrics Long Horizon

  As large language models (LLMs) evolve from static chatbots into autonomous agents, the primary vulnerability surface shifts from final outputs to intermediate execution traces.

• SemEval-2026 Task 6: CLARITY -- Unmasking Political Question Evasions

  Konstantinos Thomas, Giorgos Filandrianos, Maria Lymperaiou, Chrysoula Zerva, Giorgos Stamou · Mar 14, 2026 · Citations: 0

  Red Team Automatic Metrics

  The benchmark is constructed from U.S.

• WebWeaver: Breaking Topology Confidentiality in LLM Multi-Agent Systems with Stealthy Context-Based Inference

  Zixun Xiong, Gaoyi Wu, Lingfeng Yao, Miao Pan, Xiaojiang Du · Mar 11, 2026 · Citations: 0

  Red Team Automatic Metrics Multi Agent

  Communication topology is a critical factor in the utility and safety of LLM-based multi-agent systems (LLM-MAS), making it a high-value intellectual property (IP) whose confidentiality remains insufficiently studied.

• MUSE: A Run-Centric Platform for Multimodal Unified Safety Evaluation of Large Language Models

  Zhongxi Wang, Yueqian Lin, Jingyang Zhang, Hai Helen Li, Yiran Chen · Mar 3, 2026 · Citations: 0

  Red Team Automatic Metrics Web Browsing

  Safety evaluation and red-teaming of large language models remain predominantly text-centric, and existing frameworks lack the infrastructure to systematically test whether alignment generalizes to audio, image, and video inputs.

• Exposing Long-Tail Safety Failures in Large Language Models through Efficient Diverse Response Sampling

  Suvadeep Hajra, Palash Nandi, Tanmoy Chakraborty · Mar 15, 2026 · Citations: 0

  Red Team Automatic Metrics

  While most red-teaming work emphasizes adversarial prompt search (input-space optimization), we show that safety failures can also be systematically exposed through diverse response generation (output-space exploration) for a fixed…

• IH-Challenge: A Training Dataset to Improve Instruction Hierarchy on Frontier LLMs

  Chuan Guo, Juan Felipe Ceron Uribe, Sicheng Zhu, Christopher A. Choquette-Choo, Steph Lin · Mar 11, 2026 · Citations: 0

  Red Team Automatic Metrics

  IH is key to defending against jailbreaks, system prompt extractions, and agentic prompt injections.

• Can Safety Emerge from Weak Supervision? A Systematic Analysis of Small Language Models

  Punyajoy Saha, Sudipta Halder, Debjyoti Mondal, Subhadarshi Panda · Mar 7, 2026 · Citations: 0

  Pairwise PreferenceRed Team Automatic Metrics

  Safety alignment is critical for deploying large language models (LLMs) in real-world applications, yet most existing approaches rely on large human-annotated datasets and static red-teaming benchmarks that are costly, difficult to scale,…

• Obscure but Effective: Classical Chinese Jailbreak Prompt Optimization via Bio-Inspired Search

  Xun Huang, Simeng Qin, Xiaoshuang Jia, Ranjie Duan, Huanqian Yan · Feb 26, 2026 · Citations: 0

  Red Team Automatic Metrics

  Owing to its conciseness and obscurity, classical Chinese can partially bypass existing safety constraints, exposing notable vulnerabilities in LLMs.

• MANATEE: Inference-Time Lightweight Diffusion Based Safety Defense for LLMs

  Chun Yan Ryan Kan, Tommy Tran, Vedant Yadav, Ava Cai, Kevin Zhu · Feb 21, 2026 · Citations: 0

  Red Team Automatic Metrics

  We propose MANATEE, an inference-time defense that uses density estimation over a benign representation manifold.

• FENCE: A Financial and Multimodal Jailbreak Detection Dataset

  Mirae Kim, Seonghun Jeong, Youngjun Kwak · Feb 20, 2026 · Citations: 0

  Red Team Automatic Metrics

  A baseline detector trained on FENCE achieves 99 percent in-distribution accuracy and maintains strong performance on external benchmarks, underscoring the dataset's robustness for training reliable detection models.

• A Systematic Review of Algorithmic Red Teaming Methodologies for Assurance and Security of AI Applications

  Shruti Srivastava, Kiranmayee Janardhan, Shaurya Jauhari · Feb 24, 2026 · Citations: 0

  Red Team Automatic Metrics

  These limitations have driven the evolution toward auto-mated red teaming, which leverages artificial intelligence and automation to deliver efficient and adaptive security evaluations.

Related Hubs

• Automatic Metrics + Red Team (Last 60 Days) Hub
• Automatic Metrics + Red Team (Last 120 Days) Hub
• Automatic Metrics + Red Team Papers Hub
• Automatic Metrics + General + Red Team Papers Hub
• Red Team Papers (Last 60 Days) Hub
• Red Team Papers (Last 90 Days) Hub