Week 25 — 2026-06-15 – 2026-06-21

The paper identifies a novel Denial-of-Service (DoS) vulnerability in LLM-based guardrails where attackers can trigger extended reasoning loops to paralyze autonomous agents. It provides systematic attack frameworks and demonstrates that a single poisoned document can saturate shared guardrail infrastructures.

The paper investigates how intent-based misinformation propagates within multi-agent systems and identifies how group composition and decision protocols influence robustness.

The paper proposes a distributed consensus framework for multi-agent systems that simultaneously handles asymmetric actuator constraints and time-varying output safety constraints.

The paper introduces DeepRoot, a multi-agent LLM system that successfully converts non-standardized historical medical prose into verifiable drug-discovery leads by separating grounding from reasoning.

The paper introduces CoAgent, a concurrency control framework designed specifically for multi-agent LLM systems where classical locking and optimistic concurrency control (OCC) fail due to long inference times and opaque read sets.

The paper establishes a framework for achieving differentially private consensus in discrete-time multi-agent systems subject to communication delays while protecting the entire delayed initial histories of all agents.

The paper provides a longitudinal evaluation of agentic performance on the WorkBench benchmark, demonstrating significant improvements in both task completion and safety over a two-year period.

The paper introduces Risk-Aware Causal Gating (RACG), a framework that prioritizes safety by gating model actions based on counterfactual risk rather than raw predictive confidence. It provides a principled mechanism for least-privilege LLM agents by minimizing the capabilities of a model to perform high-risk actions.

The paper introduces NULLs (Natively Unlearnable LLMs), a model architecture that enables source-specific unlearning without sacrificing the benefits of joint representation learning. It demonstrates that unlearning can be built natively into the training process rather than as a post-hoc correction.

The paper introduces OSGuard, a dual-granularity benchmark designed to evaluate the safety of computer-use agents by distinguishing between successful task completion and unsafe shortcuts.

The paper compares Difference-in-Means (DiM) and Iterative Nullspace Projection (INLP) for steering refusal in LLMs, evaluating whether INLP's richer parameterization offers more tunable interventions.

The paper proposes a formal definition of a 'good explanation' that integrates counterfactual reasoning with the interlocutor's prior beliefs. It further identifies specific structural challenges in providing such explanations for Large Language Model (LLM) outputs.

The paper introduces a formal theory of 'cognitive debt' to model how using AI as a substitute for first-principles reasoning creates systemic fragility. It identifies a 'cognitive Minsky moment' where deferred costs and short-run productivity gains mask rising systemic risk.

The paper introduces Orchestra-o1, a scalable omnimodal agent orchestration framework that enables efficient collaboration across heterogeneous modalities like text, image, audio, and video. It also proposes DA-GRPO, a decision-aligned reinforcement learning approach for training omnimodal agents.

The paper introduces the Hybrid Open-Ended Tri-Evolution (HOTE) framework, which enables AI agents to autonomously evolve their capabilities for open-ended research tasks by bridging deep research and agent evolution.

The paper introduces MINIM, a trusted local broker that performs privacy-aware minimization of UI states to prevent sensitive data leakage when using LLM-powered autonomous agents.

The paper introduces skill-conditional trust (R(i | k)) as a superior alternative to global reputation scores for heterogeneous agent swarms and identifies a security vulnerability where cross-skill evidence borrowing can be exploited by attackers.

The paper introduces RefGRPO, a method to close the 'reflection gap' where LLM agents mis-assess their own performance despite receiving concrete environment feedback.

The paper introduces SkillAudit, a framework for evolving agent skills without requiring ground-truth feedback, hidden test outcomes, or environment rewards.

The paper introduces HarnessX, a foundry for creating composable, adaptive, and evolvable agent harnesses that move beyond static, hand-crafted scaffolding.

The paper formalizes 'Communication Policy' for proactive LLM agents and introduces a self-evolution framework (CPE) to optimize how agents exchange information across different modalities.

The paper introduces GitOfThoughts, a framework that treats LLM reasoning as a version-controlled repository, and provides a rigorous empirical analysis of memory substrates for LLM accuracy.

The paper conceptualizes the paradigm shift of LLMs from conversational chatbots to 'Digital Colleagues' by defining a transition toward persistent autonomous systems capable of reasoning, memory, and self-improvement.

The paper introduces Affordance20Q, a new benchmark for evaluating affordance reasoning without object identity exposure, and proposes KARI to improve model performance.

The paper identifies and characterizes a 'controllable interference surface' where fine-tuning vision-language models for dense coordinate lists improves grounding but induces structured output artifacts like repetition.

The paper introduces a foundation model-driven framework for cross-modal representation alignment between CT imaging and longitudinal EHR data for time-to-event (TTE) modeling. It provides the first systematic analysis of how different fusion strategies behave under modality imbalance across diverse clinical tasks.

The paper introduces llada.cpp, the first NPU-aware inference framework designed to accelerate diffusion large language models (dLLMs) on mobile devices.

The paper introduces CONCORD, an asynchronous sparse aggregation framework designed for device-cloud collaborative RAG where private documents are isolated on the device and public knowledge is in the cloud.

The paper introduces a HyperDimensional Computing (HDC) framework for tabular row embeddings that provides interpretable similarity scores and principled thresholds for structured querying. This enables reliable zero-match detection, a significant limitation in existing nearest-neighbor retrieval methods.

The paper introduces a fully GPU-based workflow that integrates differentiable high-fidelity solvers with neural emulators to create physics-consistent surrogates for hypersonic flows.

The paper demonstrates that structured neural variability (correlated noise) in artificial neural networks enhances robustness against both adversarial attacks and naturalistic image modifications. It establishes a biologically plausible strategy for improving network stability using only local activation information.

The thesis provides a unified probabilistic framework connecting diversity, smoothness, and stochasticity to explain generalization in over-parameterized networks while introducing scalable Bayesian methods for uncertainty estimation.

The paper introduces Relational Structural Causal Models (RSCMs), a framework that extends structural causal models to environments with varying numbers and types of objects. It provides symbolic identification criteria for relational queries and a provably correct neural implementation.

The paper introduces a geometric framework to identify and isolate 'AI engrams'—specific memory traces within deep neural networks—bridging biological memory theories with artificial representation learning.

The paper challenges the claim that lower AI literacy predicts general AI receptivity by demonstrating that this relationship is actually specific to non-text AI tools. It reveals that the perceived link is a result of aggregate data masking significant heterogeneity across different AI categories.

The paper introduces VeriGeo, a framework for generating controllable and verifiable geometry problems with consistent diagrams, constraints, and solutions. It also demonstrates that fine-tuning on this verified synthetic data significantly improves multimodal geometry reasoning performance.

The paper establishes a causal link between weight norm and grokking timescales by demonstrating that the delay follows an exponential law when the norm is clamped.

The paper introduces D2H-AD, a novel anomaly detection framework that integrates distance-based similarity and density-aware encoding within a Hyperdimensional Computing (HDC) paradigm. It demonstrates superior performance over traditional deep learning and HDC baselines while maintaining a lightweight footprint suitable for edge AI.

The paper introduces 'neural slack variables,' a primal-side approach that converts functional inequality constraints (like monotonicity and convexity) into a regression problem to ensure robust feasibility.

The paper introduces a falsifiable applicability criterion to predict when a training-free, time-lagged spectral embedding can successfully distinguish classes in multivariate time series. It provides a two-part pre-flight test (stationarity and power-baseline checks) to determine if a dataset's class information resides in cross-channel temporal coupling.

The paper introduces WorkflowView, a framework that leverages Large Language Models (LLMs) to abstract noisy, low-level digital interaction logs into high-level, interpretable workflows across diverse domains.

The paper introduces SuperThoughts, a method to accelerate Long Chain-of-Thought (CoT) reasoning by compressing consecutive tokens into latent representations to improve inference throughput.

The paper introduces UP-NRPA, an online framework that enables dialogue systems to dynamically adapt to diverse user characteristics without requiring offline reinforcement learning or pre-trained group-specific models.

The paper identifies that data selection in recursive synthetic training can accelerate model collapse when verifiers use biased, local reference distributions. It provides a theoretical proof of power-law diversity decay in siloed selection and proposes a collaborative Wasserstein proxy reference as a mitigation.

The paper introduces MA-ProofBench, the first formal theorem-proving benchmark specifically dedicated to Mathematical Analysis, featuring 200 formalized theorems across two difficulty levels.

The paper introduces Poker Arena, a multi-axis evaluation framework that decomposes strategic reasoning into nine distinct cognitive dimensions to reveal the underlying capability structures of LLMs beyond simple scalar scores.

The paper introduces a new evaluation metric for autoformalization that prioritizes 'expert-review' quality over mere 'sorry-free' compilation. It demonstrates that while LLMs can close proof gaps, they often fail to produce reusable, well-structured formal libraries.

The paper introduces a method to predict LLM compositional failures by analyzing the geometric relationships between concept representations. It demonstrates that representational interference, rather than just task complexity, is a primary driver of model errors.

The paper introduces FactoryLLM, an open-source, safe AI playground designed to evaluate LLM-based Retrieval-Augmented Generation (RAG) models specifically for cross-machine fault diagnostics in smart factories.

The paper demonstrates that specific repetition loops in LLMs can be localized to a small set of neurons and mitigated through targeted weight surgery. It also establishes a boundary for this method by showing it cannot solve fundamental knowledge-precision issues in long-reasoning tasks.

The paper introduces sparsity-induced adaptations for LoRA, specifically Cheap LoRA (cLA) and chained circulant variants (c3LA), and provides the first information-theoretic generalization error bounds for these methods.

The paper introduces Gefen, a memory-efficient optimizer that reduces AdamW's memory footprint by approximately 8x while maintaining equivalent performance.

The paper introduces 'Every Eval Ever,' the first unified metadata schema and community-crowdsourced repository designed to standardize and centralize AI evaluation results.

The paper introduces FedSPC, a modular correction method designed to mitigate inconsistent updates to shared parameters in Personalized Federated Learning (PFL) caused by heterogeneous local objectives.

The paper introduces SERAF, a multimodal framework that enhances time series forecasting by integrating both numerical similarity and semantic descriptions into a retrieval-augmented architecture.

The paper introduces the first dataset for extracting applicability conditions for drug-disease relations and proposes a new method to identify these context-specific conditions from biomedical literature.

The paper introduces Dose-AIPTB, a general framework for estimating the Individual Probability of Treatment Benefit (IPTB) for ordinal outcomes under discrete dose variations. It extends IPTB estimation beyond binary treatment settings to accommodate multi-dose clinical scenarios.

The paper introduces a Transformer-based Deep Reinforcement Learning policy for the Open Shop Scheduling Problem (OSSP) that generalizes from small-scale benchmarks to large-scale industrial instances.

The paper introduces CSPO, a first-order primal-dual method for Safe RL that incorporates local constraint sensitivity to mitigate the oscillatory behavior and delayed corrections typical of standard primal-dual methods.

The paper introduces COMET, a model-based reinforcement learning algorithm that integrates object-level inductive biases into MuZero-style latent planning. It achieves superior early-stage training performance by performing Monte Carlo Tree Search in a slot-structured latent space.

The paper introduces DiPOD, a framework that stabilizes diffusion policy optimization by addressing the 'double-drift' phenomenon where surrogate optimization causes the proxy policy gradient to misalign with the true policy gradient.