General + Red Team (Last 45 Days)

Researcher Quick Triage

This hub is best used for protocol triage and replication planning from abstract-level evidence. Quality band: Developing .

• 2 papers are replication-ready (benchmark + metric + explicit evaluation mode).
• 0 papers support judge-vs-human agreement analysis.
• 0 papers report explicit quality controls (calibration/adjudication/IAA).

Primary action: Use this page for scouting only; collect additional papers before attempting replication-critical comparisons.

Why This Matters For Eval Research

• 100% of papers report explicit human-feedback signals, led by red-team protocols.
• automatic metrics appears in 42.9% of papers in this hub.
• Semeval is a recurring benchmark anchor for cross-paper comparisons in this page.

Protocol Takeaways

• Quality-control reporting is sparse in this slice; prioritize papers with explicit calibration or adjudication steps.
• Rater context is mostly domain experts, and annotation is commonly trajectory-level annotation; use this to scope replication staffing.
• Pair this hub with a human_eval-heavy hub to validate judge-model calibration.

Benchmark Interpretation

• Semeval appears in 7.1% of hub papers (1/14); use this cohort for benchmark-matched comparisons.
• Tracesafe-Bench appears in 7.1% of hub papers (1/14); use this cohort for benchmark-matched comparisons.

Metric Interpretation

• accuracy is reported in 14.3% of hub papers (2/14); compare with a secondary metric before ranking methods.
• helpfulness is reported in 14.3% of hub papers (2/14); compare with a secondary metric before ranking methods.

Start Here (Best First 6)

Ranked for protocol completeness (human signal, benchmark + metric anchors, quality controls, and judge/human overlap).

• TraceSafe: A Systematic Assessment of LLM Guardrails on Multi-Step Tool-Calling Trajectories

  Apr 8, 2026 · Citations: 0 · Score: 8.0

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Tracesafe Bench · Metric: Accuracy

• SemEval-2026 Task 6: CLARITY -- Unmasking Political Question Evasions

  Mar 14, 2026 · Citations: 0 · Score: 7.5

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Semeval · Metric: F1

• Prompt Attack Detection with LLM-as-a-Judge and Mixture-of-Models

  Mar 26, 2026 · Citations: 0 · Score: 6.0

  HF: Red Team · Eval: Llm As Judge · Benchmark: Not Reported · Metric: Latency

• Red-Teaming Vision-Language-Action Models via Quality Diversity Prompt Generation for Robust Robot Policies

  Mar 12, 2026 · Citations: 0 · Score: 5.5

  HF: Red Team · Eval: Simulation Env · Benchmark: Not Reported · Metric: Task success

• WebWeaver: Breaking Topology Confidentiality in LLM Multi-Agent Systems with Stealthy Context-Based Inference

  Mar 11, 2026 · Citations: 0 · Score: 5.5

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Not Reported · Metric: Accuracy

• Exposing Long-Tail Safety Failures in Large Language Models through Efficient Diverse Response Sampling

  Mar 15, 2026 · Citations: 0 · Score: 5.5

  HF: Red Team · Eval: Automatic Metrics · Benchmark: Not Reported · Metric: Cost

Protocol Matrix (Top 12)

Use this to quickly compare protocol ingredients instead of scanning long prose.

Protocol Diff (Top Papers)

Fast side-by-side comparison for the highest-ranked papers in this hub.

Top Papers

• TraceSafe: A Systematic Assessment of LLM Guardrails on Multi-Step Tool-Calling Trajectories

  Yen-Shan Chen, Sian-Yao Huang, Cheng-Lin Yang, Yun-Nung Chen · Apr 8, 2026 · Citations: 0

  Red Team Automatic Metrics Long Horizon

  As large language models (LLMs) evolve from static chatbots into autonomous agents, the primary vulnerability surface shifts from final outputs to intermediate execution traces.

• SemEval-2026 Task 6: CLARITY -- Unmasking Political Question Evasions

  Konstantinos Thomas, Giorgos Filandrianos, Maria Lymperaiou, Chrysoula Zerva, Giorgos Stamou · Mar 14, 2026 · Citations: 0

  Red Team Automatic Metrics

  The benchmark is constructed from U.S.

• Prompt Attack Detection with LLM-as-a-Judge and Mixture-of-Models

  Hieu Xuan Le, Benjamin Goh, Quy Anh Tang · Mar 26, 2026 · Citations: 0

  Red Team Llm As Judge

  In production, guardrails must mitigate these attacks under strict low-latency constraints, resulting in a deployment gap in which lightweight classifiers and rule-based systems struggle to generalize under distribution shift, while…

• Red-Teaming Vision-Language-Action Models via Quality Diversity Prompt Generation for Robust Robot Policies

  Siddharth Srikanth, Freddie Liang, Ya-Chuan Hsu, Varun Bhatt, Shihan Zhao · Mar 12, 2026 · Citations: 0

  Red Team Simulation Env

  Our results across multiple simulation benchmarks show that Q-DIG finds more diverse and meaningful failure modes compared to baseline methods, and that fine-tuning VLAs on the generated instructions improves task success rates.

• WebWeaver: Breaking Topology Confidentiality in LLM Multi-Agent Systems with Stealthy Context-Based Inference

  Zixun Xiong, Gaoyi Wu, Lingfeng Yao, Miao Pan, Xiaojiang Du · Mar 11, 2026 · Citations: 0

  Red Team Automatic Metrics Multi Agent

  Communication topology is a critical factor in the utility and safety of LLM-based multi-agent systems (LLM-MAS), making it a high-value intellectual property (IP) whose confidentiality remains insufficiently studied.

• Exposing Long-Tail Safety Failures in Large Language Models through Efficient Diverse Response Sampling

  Suvadeep Hajra, Palash Nandi, Tanmoy Chakraborty · Mar 15, 2026 · Citations: 0

  Red Team Automatic Metrics

  While most red-teaming work emphasizes adversarial prompt search (input-space optimization), we show that safety failures can also be systematically exposed through diverse response generation (output-space exploration) for a fixed…

• IH-Challenge: A Training Dataset to Improve Instruction Hierarchy on Frontier LLMs

  Chuan Guo, Juan Felipe Ceron Uribe, Sicheng Zhu, Christopher A. Choquette-Choo, Steph Lin · Mar 11, 2026 · Citations: 0

  Red Team Automatic Metrics

  IH is key to defending against jailbreaks, system prompt extractions, and agentic prompt injections.

• Can Safety Emerge from Weak Supervision? A Systematic Analysis of Small Language Models

  Punyajoy Saha, Sudipta Halder, Debjyoti Mondal, Subhadarshi Panda · Mar 7, 2026 · Citations: 0

  Pairwise PreferenceRed Team Automatic Metrics

  Safety alignment is critical for deploying large language models (LLMs) in real-world applications, yet most existing approaches rely on large human-annotated datasets and static red-teaming benchmarks that are costly, difficult to scale,…

• Trojan-Speak: Bypassing Constitutional Classifiers with No Jailbreak Tax via Adversarial Finetuning

  Bilgehan Sel, Xuanli He, Alwin Peng, Ming Jin, Jerry Wei · Mar 30, 2026 · Citations: 0

  Red Team

  Fine-tuning APIs offered by major AI providers create new attack surfaces where adversaries can bypass safety measures through targeted fine-tuning.

• AI Security in the Foundation Model Era: A Comprehensive Survey from a Unified Perspective

  Zhenyi Wang, Siyu Luan · Mar 25, 2026 · Citations: 0

  Red Team

  To address this critical gap, we propose a unified closed-loop threat taxonomy that explicitly frames model-data interactions along four directional axes.

• SecureBreak -- A dataset towards safe and secure models

  Marco Arazzi, Vignesh Kumar Kembu, Antonino Nocera · Mar 23, 2026 · Citations: 0

  Red Team

  To provide a contribution in this scenario, this paper introduces SecureBreak, a safety-oriented dataset designed to support the development of AI-driven solutions for detecting harmful LLM outputs caused by residual weaknesses in security…

• Contrastive Reasoning Alignment: Reinforcement Learning from Hidden Representations

  Haozheng Luo, Yimin Wang, Jiahao Yu, Binghui Wang, Yan Chen · Mar 18, 2026 · Citations: 0

  Red Team

  Empirically, we evaluate CRAFT on multiple safety benchmarks using two strong reasoning models, Qwen3-4B-Thinking and R1-Distill-Llama-8B, where it consistently outperforms state-of-the-art defenses such as IPO and SafeKey.

• SIA: A Synthesize-Inject-Align Framework for Knowledge-Grounded and Secure E-commerce Search LLMs with Industrial Deployment

  Zhouwei Zhai, Mengxiang Chen, Anmeng Zhang · Mar 17, 2026 · Citations: 0

  Red Team

  Our approach first synthesizes high-quality natural language corpus by combining structured knowledge graphs with unstructured behavioral logs, augmented with reasoning chains and safety-aware data.

• Two Birds, One Projection: Harmonizing Safety and Utility in LVLMs via Inference-time Feature Projection

  Yewon Han, Yumin Seol, EunGyung Kong, Minsoo Jo, Taesup Kim · Mar 16, 2026 · Citations: 0

  Red Team

  Existing jailbreak defence frameworks for Large Vision-Language Models often suffer from a safety utility tradeoff, where strengthening safety inadvertently degrades performance on general visual-grounded reasoning tasks.

Related Hubs

• Red Team Papers (Last 45 Days) Hub
• General + Red Team (Last 60 Days) Hub
• General + Red Team (Last 90 Days) Hub
• General + Red Team (Last 120 Days) Hub
• Red Team Papers (Last 60 Days) Hub
• Red Team Papers (Last 90 Days) Hub