Papers by Neil Zhenqiang Gong

6 papers
SafeAgent: Safeguarding LLM Agents via an Automated Risk Simulator (2026.acl-long)

Copied to clipboard

Challenge: SafeAgent improves agent safety through fully automated synthetic data generation.
Approach: They propose a framework that improves agent safety through fully automated synthetic data generation.
Outcome: The proposed framework outperforms closed-source models on two safety benchmarks and one real-world task.
WebInject: Prompt Injection Attack to Web Agents (2025.emnlp-main)

Copied to clipboard

Challenge: Despite advanced capabilities of MLLMs, prompt injection attacks remain vulnerable to emerging security and safety threats.
Approach: They propose a prompt injection attack that manipulates webpage environment to induce web agent to perform attacker-specified action.
Outcome: The proposed attack outperforms baselines on multiple datasets and is highly effective.
Jailbreaking Safeguarded Text-to-Image Models via Large Language Models (2026.findings-eacl)

Copied to clipboard

Challenge: Text-to-image models generate harmful content when unsafe prompts are submitted . authors propose a method to jailbreak text-to image models with safety guardrails .
Approach: They propose a method to jailbreak text-to-image models with safety guardrails . they use a fine-tuned large language model to generate adversarial prompts based on unsafe prompts.
Outcome: The proposed method bypasses safety guardrails and outperforms existing no-box attacks . the proposed method generates adversarial prompts efficiently after fine-tuning the model .
Fingerprinting LLMs via Prompt Injection (2026.acl-long)

Copied to clipboard

Challenge: Existing provenance detection methods for large language models are infeasible for already published models and compare outputs using hand-crafted or random prompts.
Approach: They propose a detection framework that constructs fingerprints by exploiting LLMs’ inherent vulnerability to prompt injection.
Outcome: The proposed framework achieves high true positive rates while keeping false positive rates near zero.
Copyright Detective: A Forensic System to Evidence LLMs Flickering Copyright Leakage Risks (2026.acl-demo)

Copied to clipboard

Challenge: **Copyright Detective** is the first interactive forensic system for detecting, analyzing, and visualizing potential copyright risks in LLM outputs.
Approach: They propose a system that detects copyright infringements and visualizes them . they use content recall testing, paraphrase-level similarity analysis and persuasive jailbreak probing .
Outcome: The proposed system detects, analyzes, and visualizes potential copyright risks in LLM outputs.
Leave My Images Alone: Preventing Multi-Modal Large Language Models from Analyzing Images via Visual Prompt Injection (2026.acl-long)

Copied to clipboard

Challenge: Multimodal large language models are powerful tools for analyzing Internet-scale image data.
Approach: They propose a method to protect images from unauthorized analysis by MLLMs . they embed a perturbation that acts as a visual prompt injection attack on MLMLs if a malicious actor downloads and queries an image .
Outcome: The proposed method protects images from unauthorized analysis by MLLMs . it embeds a perturbation that acts as a visual prompt injection attack on MLMLs if a malicious actor downloads and queries the protected image .

What is GenGO?

GenGO is an NLP powered publication search system. It currenctly indexes 30k+ papers from ACL Anthology, and implements multi-aspect summarization, semantic search, and more!

Information

About
Limitations