Challenge: Current LLMs are trained to refuse potentially harmful input queries regardless of intent . a study of 480 participants evaluating 3,840 query-response pairs reveals that response strategy largely shapes user experience .
Approach: They examine how different refusal strategies affect user perceptions across varying motivations . they find partial compliance reduces negative user perception by over 50% to flat-out refusals a 480 participants study .
Outcome: The study examines the perceptions of LLMs on user intents and their response strategies . it shows that partial compliance reduces negative user perceptions by over 50% to flat refusals .

Similar Papers

Characterizing Selective Refusal Bias in Large Language Models (2026.findings-acl)

Copied to clipboard

Challenge: a recent study shows that safety guardrails in large language models can inadvertently introduce or reflect new biases as they may refuse to generate harmful content targeting some demographic groups and not others.
Approach: They examine the selective refusal bias in large language models by examining demographics and responses.
Outcome: The proposed model fails to defend against an indirect attack on previously refused groups in 89% of the trials.
Challenges and Remedies of Domain-Specific Classifiers as LLM Guardrails: Self-Harm as a Case Study (2025.naacl-industry)

Copied to clipboard

Challenge: Large Language Models (LLMs) have impressive capabilities in generating human-like text, but they pose significant risks in many domains and require guardrails throughout the lifecycle.
Approach: They propose to use a self-harm detector to test the performance of LLM guardrails in real-world environments.
Outcome: The proposed model performs poorly in open and closed domains and is almost unusable in the real world.
SafeConstellations: Mitigating Over-Refusals in LLMs Through Task-Aware Representation Steering (2026.acl-long)

Copied to clipboard

Challenge: Current safety alignment methods fail to identify intended benign task before refusing to respond.
Approach: They propose a method that uses inference-time trajectory-shifting to guide model behavior . they show that LLMs persist in refusing inputs containing harmful content .
Outcome: The proposed approach reduces over-refusals with minimal impact on utility.
Refuse Whenever You Feel Unsafe: Improving Safety in LLMs via Decoupled Refusal Training (2025.acl-long)

Copied to clipboard

Challenge: Large Language Models exhibit a level of intelligence that is both impressive and everevolving, but their ability to refuse generating unsafe content is a double-edged sword.
Approach: They propose a method to tackle a refusal position bias within safety tuning data that compromises the models’ ability to appropriately refuse generating unsafe content.
Outcome: The proposed method significantly improves model safety without compromising performance and surpasses baseline methods in defending against attacks.
Exploring the Vulnerability of the Content Moderation Guardrail in Large Language Models via Intent Manipulation (2025.findings-emnlp)

Copied to clipboard

Challenge: Prior work has shown that intent detection enhances LLMs’ moderation guardrails, but the robustness of these guardrail mechanisms under malicious manipulations remains under-explored.
Approach: They propose a two-stage intent-based prompt-refinement framework that first transforms harmful inquiries into structured outlines and further reframes them into declarative-style narratives.
Outcome: The proposed framework outperforms several cutting-edge jailbreak methods and evades even advanced Intent Analysis (IA) and Chain-of-Thought (CoT)-based defenses.
A Systematic Examination of Preference Learning through the Lens of Instruction-Following (2025.naacl-long)

Copied to clipboard

Challenge: a recent study has found that preference learning is a key tool for enhancing LLM training and alignment.
Approach: They use a synthetic data generation pipeline to generate 48,000 unique instruction-following prompts with 23 verifiable constraints to obtain preference pairs.
Outcome: The proposed pipeline generates 48,000 unique instruction-following prompts with 23 verifiable constraints that enable fine-grained and automated quality assessments of model responses.
Wait, that’s not an option: LLMs Robustness with Incorrect Multiple-Choice Options (2025.acl-long)

Copied to clipboard

Challenge: Using a framework that combines instruction-following with critical reasoning, we show that the ability of LLMs to override defaults when faced with invalid options is impaired by alignment techniques.
Approach: They propose a framework for evaluating LLMs’ capacity to balance instruction-following with critical reasoning when presented with multiple-choice questions containing no valid answers.
Outcome: The proposed framework improves models' ability to override defaults when faced with invalid options while minimizing the impact of model size and training techniques on the model.
Guardrails and Security for LLMs: Safe, Secure and Controllable Steering of LLM Applications (2025.acl-tutorials)

Copied to clipboard

Challenge: Pretrained generative models provide novel ways for users to interact with computers.
Approach: This tutorial provides an overview of key guardrail mechanisms developed for LLMs along with evaluation methodologies and a detailed security assessment protocol.
Outcome: This tutorial provides an overview of key guardrail mechanisms developed for LLMs, along with evaluation methodologies and a detailed security assessment protocol.
Intention Analysis Makes LLMs A Good Jailbreak Defender (2025.coling-main)

Copied to clipboard

Challenge: Existing methods to align large language models with human values overlook the intrinsic nature of jailbreaks, which limits their effectiveness in complex scenarios.
Approach: They propose a simple yet highly effective defense strategy, i.e., Intention Analysis (IA). They show that IA suppresses LLM’s tendency to follow jailbreak prompts, thereby enhancing safety.
Outcome: The proposed strategy reduces harmfulness of LLMs and outperforms GPT-3.5 in attack success rate.
From Representational Harms to Quality-of-Service Harms: A Case Study on Llama 2 Safety Safeguards (2024.findings-acl)

Copied to clipboard

Challenge: Recent advances in large language models have also introduced additional safety risks and raised concerns regarding their detrimental impact on already marginalized populations.
Approach: They propose to use LLMs to evaluate their safety responses on already mitigated biases by evaluating models on already encoded assumptions.
Outcome: The proposed model can encode harmful assumptions, but it can also be harmful for certain demographic groups.

What is GenGO?

GenGO is an NLP powered publication search system. It currenctly indexes 30k+ papers from ACL Anthology, and implements multi-aspect summarization, semantic search, and more!

Information

About
Limitations