Di Liang

Safety-aligned LLMs are so consistently risk-averse that a single, transferable "poison" document can now block up to 96% of queries across different RAG systems, even without access to the target model.