Hong Li

This paper identifies and characterizes 'guidance injection,' a stealthy attack vector that embeds adversarial operational narratives into autonomous coding agents' bootstrap guidance, demonstrating high success rates and evasion capabilities.

This survey analyzes privacy-enhancing encryption technologies (ABE, PRE, SE) for data sharing, proposing a comprehensive framework, identifying potential attacks, and evaluating their multi-dimensional impact on security, performance, and functionality.

The paper proposes UNSEEN, a cross-stack defense system combining AR access control, LLM unlearning, and agent guardrails to mitigate sophisticated AR-LLM social engineering attacks.

This survey provides a comprehensive, practical guide to ensuring the trustworthiness of complex, autonomous agentic AI systems by focusing on safety, robustness, privacy, and system security.

The paper introduces eXTC, a novel framework that combines structured prompt optimization, knowledge distillation, and reinforcement learning to create a highly performant and fully interpretable text classifier.

The paper introduces OmniVerifier-M1, a multimodal meta-verifier that uses symbolic outputs and decoupled reinforcement learning to provide robust, fine-grained verification and error localization for large multimodal models.

The paper proposes Predictive Routing Replay (PR2) to stabilize reinforcement learning on Mixture of Experts (MoE) LLMs by predicting and incorporating short-horizon router evolution during training and rollout.

The paper proposes $D^3$, a dynamic graph-constrained scheduling framework that optimizes LLM training order by modeling sample interactions as a dynamic influence graph.

The paper proposes DiReCT, a novel framework that treats data selection during LLM annealing as a constrained optimization problem based on the spectral geometry of the loss landscape, achieving state-of-the-art performance.

The paper introduces a new benchmark for multi-target cross-lingual summarization (MTXLS) and proposes an activation steering method that significantly improves LLM performance by guiding the generation process using English representations.

The paper introduces DiscourseFlip, a novel graph-guided attack that demonstrates how coordinated poisoning across a multi-topic query space can manipulate the overall opinion generated by black-box Retrieval-Augmented Generation (RAG) systems.

The paper introduces ProductWebGen, a benchmark for evaluating multimodal models' ability to generate consistent, high-fidelity product webpages from images and instructions, finding that separate editing-based workflows outperform unified models in overall webpage instruction following.

The paper introduces DiscourseFlip, a novel black-box, graph-guided attack that manipulates opinions across an entire multi-topic query network, demonstrating a significant leap in scope and effectiveness over existing RAG attack methods.

The paper introduces ClinEnv, a novel interactive, multi-stage benchmark designed to evaluate LLMs' decision-making and information-gathering process during longitudinal inpatient medical simulations.

The JAMEL framework addresses the challenge of effective exploration in open-ended environments by jointly training agent memory and exploration policies using natural, novelty-driven signals.

This paper proposes ChronoID, a framework for time-aware semantic ID learning in generative recommendation.

Introduce Parallel-Synthesis, a framework enabling a synthesizer to directly consume parallel agent branches' KV caches, improving efficiency and performance.