@ChaoweiX

RT @yugu_nlp: ❓Wondering how to scale inference-time compute with advanced planning for language agents? 🙋‍♂️Short answer: Using your LLM…

RT @BotaoYu24: 🤔 Can LLMs with tools always outperform those without? Perhaps not... 🚀 In our new work, we introduce ChemAgent, an enhance…

RT @hhsun1: Our ScienceAgentBench is now available! We also included @OpenAI #o1’s performance in our updated draft: o1 nearly doubled the…

RT @hhsun1: @AnthropicAI's release of a computer use model is both exciting and worrisome to me! Agent capability and safety should go hand…

RT @ysu_nlp: Glad to see Anthropic is also investing in visual grounding for computer interfaces that 1) only takes visual input, and 2) ou…

RT @hhsun1: Studying the safety risks of web agents is getting increasingly important! In our recent work, "EIA: Environmental Injection At…

RT @ysu_nlp: People into agents, let me pitch something to you: 🌟 An agent that works across every platform (web, desktop & mobile) 🌟 Visu…

RT @RonZiruChen: 🚀 Can language agents automate data-driven scientific discovery? Not yet. But we're making strides. Introducing **Science…

RT @ShijieChen98: Is generation always the best way to use LLMs? 🤔 At least not for re-ranking! Excited to share our latest work: Attenti…

RT @hhsun1: The first study on privacy leakage of generalist web agents: Generalist web agents have evolved rapidly and demonstrated remar…

RT @hhsun1: Our work that studies grokked transformers on reasoning and their generalization behaviors is accepted to #NeurIPS2024 @NeurIPS…

RT @BoshiWang2: Can OpenAI o1 tackle hard reasoning problems? We tested it on the complex reasoning task in our Grokked Transformers paper.…

🚨 Did you know that LLM-powered web agents can be tricked into leaking your private data? 🌐⚔️ Our latest work introduces the Environmental Injection Attack (EIA) — a new attack approach that injects malicious content designed to adapt well to different environments, causing web agents to perform unintended actions. 🕵️‍♂️ In our study, we instantiate EIA specifically for the privacy scenario and include the SOTA web agent framework SeeAct ( backed by GPT-4V in the experiments. Notably, it achieves up to 70% attack success rate (ASR) in stealing users' specific PII information at an action step. For example, our attack can deceive the agent into entering the user's phone number into an injected malicious text field and successfully sending it to a third party! Moreover, it can even obtain 16% ASR in stealing entire user requests, which provides additional context that can reveal user intentions, habits, or a combination of sensitive data. 🛡️We also dive into the trade-off between high autonomy and security for web agents, discussing how different levels of human supervision affect EIA's efficacy and implications for defense strategies. 📄 Check out our paper ( for details, and a big thank you to all my amazing collaborators! @xuchejian @MintongKang @jiaweizhang @ChaoweiX @Yuantest3 @uiuc_aisecure @hhsun1 @osunlp

RT @LiaoZeyi: Thrilled to announce that AmpleGCG has been accepted to COLM and the main takes can be found in the thread below. Very glad t…

RT @dash_workshop: 👋 Today is a big day! Join us at Don Julian for an exciting day on Data Science with Human-in-the-Loop. * Keynote ta…

RT @Jaylen_JonesNLP: Looking forward to my very first conference presentation at #NAACL2024! I will be presenting “A Multi-Aspect Framework…

I'm thrilled to be attending #NAACL2024 next week in Mexico City! Check out our following papers at the main conference: 1. How Trustworthy are Open-Source LLMs? An Assessment under Malicious Demonstrations Shows their Vulnerabilities 2. A Multi-Aspect Framework for Counter Narrative Evaluation using Large Language Models Join us for discussions at our poster session: 📍 DON DIEGO 2, 3 & 4 (In-Person Poster Session 2) 🗓️ 6/17 Monday at 2:00 PM