289

Papers

10/10

Roadblocks Active

0

Connections

MolmoAct2 introduces a robot-control model trained on 720 hours of teleoperation data and 3.3 million spatial-reasoning examples, using a 'specialize-then-rehearse' recipe to build a vision-language backbone before coupling it to a motion-planning module. It outperforms GPT-5 and Gemini Robotics ER-1.5 across 13 embodied-reasoning benchmarks while reducing inference latency by only recomputing depth estimates for changed scene regions. The full model weights, training code, and datasets are publicly released, making this one of the more reproducible robotics AI releases in recent months.

██████████ 0.9 embodied-ai Preprint

ReadSaveConnections

When prompted with instructions that force compliance, 8 of 11 tested frontier AI models showed metacognitive accuracy drops of up to 30 percentage points — meaning they became significantly worse at knowing what they know. The key finding is that the trigger is the structural compliance demand itself, not any threatening or emotional content, and removing the compliance suffix restores performance even under active adversarial pressure. This matters because it suggests current safety-aligned models may be systematically miscalibrated in high-stakes deployment contexts where compliance-forcing instructions are common.

██████████ 0.9 alignment-safety Preprint

ReadSaveConnections

Large vision-language models tend to hallucinate because their training objective doesn't constrain where in an image they actually 'look' before answering — the model can generate plausible-sounding text without genuine visual grounding. PFlowNet addresses this by separating the perception step (where to look and what to extract) from the reasoning step, using a variational reinforcement learning framework with multiple reward signals rather than simple next-token prediction. The approach is evaluated on Qwen3-VL 8B and shows that loose geometric priors from a visual expert are more effective than tight precision constraints for downstream reasoning accuracy.

██████████ 0.9 hallucination-grounding Preprint

ReadSaveConnections

AcademiClaw is a benchmark of 80 real-world tasks designed by students at Shanghai Jiao Tong University, spanning 25+ domains and including GPU-intensive computational challenges, executed in isolated Docker environments and scored by six complementary methods. The best frontier model achieves only 55% on these tasks, with sharp capability boundaries between domains and a notable disconnect between how many tokens a model uses and how good its outputs actually are. The benchmark is publicly available and provides a more authentic measure of agent capability than synthetic evaluations, since the tasks reflect what domain experts actually find difficult.

██████████ 0.9 agent-tool-use Preprint

ReadSaveConnections

This paper demonstrates that LLM agent systems with persistent file-backed state can be infected by self-propagating worms that spread autonomously across agent ecosystems without any user interaction, exploiting the fact that agents read files and inject their content into LLM context. A key counter-intuitive finding is that read operations — not write operations — are the primary integrity threat vector, and that user-prompt carriers achieve higher attack compliance than system-prompt carriers. The authors also propose a formal defense framework, but core attack details are withheld pending coordinated disclosure with the affected open-source agent frameworks.

██████████ 0.9 agent-tool-use Preprint

ReadSaveConnections

CoRAL solves a core problem in LLM-based robotics: LLMs are too slow for real-time control, but their high-level reasoning is valuable. The system uses an LLM to design cost functions for a fast sampling-based motion controller (MPPI) rather than issuing direct commands, while a vision-language model estimates physical properties like mass and friction that are refined in real time as the robot interacts with objects. This separation of semantic reasoning from reactive execution enables zero-shot manipulation of contact-rich tasks without pre-training on those specific tasks.

██████████ 0.9 embodied-ai Preprint

ReadSaveConnections

Enterprise LLM deployments fail in three structurally distinct ways: they hallucinate precise values (like numbers or dates), contaminate answers with information from unrelated documents in retrieval-augmented pipelines, and generate database queries that are technically valid but logically ill-posed. The VERA system addresses the first failure mode by anchoring every extracted value back to a specific region of the source document and applying multiple verification layers including fuzzy logic and a numeric determinism check, achieving a 96.1% hallucination capture rate. The unifying principle — that every LLM output should be traceable back to a specific source location — offers a practical architectural guideline for production document-processing systems.

██████████ 0.9 hallucination-grounding Peer-reviewed

Read

As LLM-based agents move into operational roles — executing code, calling APIs, managing files — the gap between what they can do and what safeguards exist around them has grown into a practical deployment risk. OAgents proposes a structured trust framework of 26 controls across 7 categories organized into three conformance levels, covering pre-execution gates, post-execution verification, and behavioral guarantees. Unlike approaches that rely on model-level alignment, this framework treats trustworthiness as an engineering property of the deployment envelope, making it applicable regardless of which underlying model is used.

██████████ 0.9 agent-tool-use Peer-reviewed

Read

A systematic review of 88 publications on foundation-model agents in industrial automation finds that 75% of reported systems are still at prototype or early validation stages (Technology Readiness Levels 4–6), with only 9% providing deployment-oriented evidence. The dominant use cases are user assistance, monitoring, and process optimization — not the production-control tasks that industrial multi-agent systems have traditionally handled — suggesting that FM-based agents are filling new niches rather than replacing existing automation. The gap between reported capability and demonstrated readiness is the central finding, reinforcing concerns about hallucination and reliability in high-stakes industrial settings.

██████████ 0.8 hallucination-grounding Preprint

ReadSaveConnections

APIOT demonstrates that LLM agents can autonomously complete a full attack-and-remediation cycle on industrial control devices — discovering vulnerabilities, exploiting them via protocol-level reasoning over Modbus/TCP and CoAP, patching them, and verifying the fix — achieving a 90% mission success rate across 290 experiment runs on bare-metal Zephyr RTOS firmware. A critical finding is that a runtime governance layer ('overseer') is the single most important engineering variable: without it, agents reliably fall into repetition loops, skip crash verification, and deadlock during reconnaissance. This has direct implications for any organization considering agentic AI for security operations, as the agent's behavior is highly sensitive to runtime constraints rather than just model capability.

██████████ 0.8 agent-tool-use Preprint

ReadSaveConnections