2026-W21

AgentEscapeBench is a novel benchmark designed to evaluate LLM agents' ability to perform complex, out-of-domain tool-grounded reasoning. It uses escape-room style tasks with long-range dependencies, requiring agents to infer and execute multi-step procedures involving real external tools and state tracking. The benchmark reveals a significant performance drop for both models and humans as the dependency depth increases, highlighting a critical challenge in agent robustness.

This paper introduces **Graph Direct Preference Optimization (GraphDPO)**, a principled generalization of DPO that moves beyond simple pairwise comparisons. GraphDPO leverages richer preference data structured as directed acyclic graphs (induced by ranked rollouts) to enforce transitivity and aggregate supervision across graph neighborhoods. This method offers a more stable and informative optimization strategy when multiple outputs are available per prompt, recovering standard DPO as a special case.

This paper introduces **CyBiasBench**, a comprehensive benchmark to quantify the attack-selection bias exhibited by LLM agents in cyber-attack scenarios. The core method involves systematically testing five agents across various targets and prompts to reveal that each agent disproportionately favors a narrow subset of attack families. The main contribution is characterizing this bias as an inherent agent trait, distinct from attack success, and identifying a "bias momentum effect" where agents resist external steering.

This paper investigates whether frontier Large Reasoning Models (LRMs) can mimic human learning and planning in novel game environments. The core method involves jointly evaluating LRMs against RL agents using human gameplay data, concurrent fMRI recordings, and a Bayesian model. The key contribution is demonstrating that LRMs significantly outperform existing AI methods in matching human behavioral learning patterns and predicting brain activity during complex rule discovery and planning tasks.

This paper introduces the "memory curse," demonstrating that expanding the context window for LLM agents systematically *erodes* cooperation in multi-agent social dilemmas. The core mechanism identified is not increased paranoia, but the degradation of forward-looking intent within the agent's reasoning traces. Restoring cooperation is achieved by sanitizing memory content or fine-tuning specifically on forward-looking reasoning, highlighting that the *content* of long memory, not just its length, is the critical factor.

This paper demonstrates that the tool selection within language models is **linearly readable and steerable** by analyzing internal activations across various models. By manipulating the mean-difference between tool activation vectors, the authors can reliably **switch the model's chosen tool** (up to 100% accuracy) and ensure the subsequent arguments match the new tool's schema. Furthermore, the activation gap between the top two predicted tools serves as a **reliable pre-execution indicator of incorrect tool calls**.

RelAgent is an LLM-based autonomous agent designed for relational learning, operating in two phases. First, the agent uses tools to autonomously construct feature-generating SQL programs and select a predictive model. The core contribution is that the final predictor relies solely on the executed SQL queries and a classical model, ensuring fast, deterministic, and intrinsically interpretable predictions scalable via standard database systems.

This paper introduces SPEAR (Self-Play Enhancement via Advantage-Weighted Refinement), an efficient online learning algorithm for federated LLM fine-tuning. SPEAR enables a self-improvement loop by using incoming real-time feedback to generate naturally contrastive self-play pairs for training, without requiring offline setups or privileged ground-truth contexts. This method effectively leverages decentralized user feedback for continuous model refinement on resource-constrained edge devices.

This paper introduces **LANCE** to combat rigid rejection in LLMs by moving beyond binary refusal. LANCE uses variational inference to enhance safety labels, predicting a continuous distribution across multiple rejection categories. This fine-grained distribution provides textual gradients that guide a refinement model to neutralize harmful prompt elements, enabling LLMs to generate safe responses that are more flexible and natural.

GLiGuard reframes LLM content moderation as a schema-conditioned classification task, moving away from slow, large autoregressive models. It uses a small (0.3B parameter) bidirectional encoder that encodes task definitions and label semantics directly into the input sequence as structured schemas. This allows for the simultaneous, low-latency evaluation of numerous safety dimensions (policy compliance, harm categories, jailbreaks) in a single forward pass.

This paper investigates the unintended consequences of value induction (fine-tuning LLMs with value-laden language) on model behavior. The authors fine-tune models using curated value subsets and measure the impact on related values, safety, anthropomorphism, and QA performance. They find that inducing specific values can unexpectedly alter the expression of other related or contrasting values, highlighting the complex trade-offs in value alignment.

This paper introduces **AutoTTS**, an environment-driven framework that automates the discovery of optimal Test-Time Scaling (TTS) strategies for Large Language Models (LLMs). Instead of manual heuristic design, AutoTTS creates a tractable discovery environment where a controller learns when to allocate computation (branch, prune, etc.) based on pre-collected trajectories and cheap probe signals. This method significantly expands the explored computation-allocation space, leading to improved LLM performance through automated, data-driven resource management during inference.

The paper introduces **ComplexMCP**, a novel benchmark designed to rigorously evaluate LLM agents in complex, real-world software automation scenarios involving interdependent tools and environmental noise. It utilizes a seed-driven architecture across 300+ tools derived from 7 stateful sandboxes to simulate dynamic and failure-prone environments. The contribution lies in exposing a significant performance gap, showing even top LLMs struggle to surpass 60% success compared to 90% for humans in these interdependent tasks.

DataMaster introduces an autonomous data engineering framework to improve machine learning models by optimizing the data pipeline while keeping the learning algorithm fixed. It addresses the complex search space using a tree-structured search mechanism, shared candidate data, and a refinement process that incorporates feedback from downstream model training. The core contribution is enabling agents to autonomously discover, select, clean, and transform data to achieve stronger model performance.

MATRA is a pragmatic threat modeling framework designed to systematically assess the risks in agentic AI systems by adapting established risk assessment methodologies. It begins with an asset-based impact assessment and uses attack trees to quantify the likelihood of known LLM threats causing harm within a specific deployment. The paper demonstrates MATRA's utility by showing how architectural controls can reduce the blast radius of successful attacks on an agent using the OpenClaw case study.

NanoResearch introduces a multi-agent framework designed to personalize research automation by addressing the need for accumulated procedural knowledge, retained user experience, and internalized implicit preferences. It achieves this through a "tri-level co-evolution" mechanism involving a skill bank for reusable procedures, a memory module for session retention, and a policy module that adapts to user-specific needs. The core contribution is enabling genuinely usable, personalized research automation that evolves with the user's unique context and history.

This paper reframes agent memory as a **decision-centric rate-distortion problem**, arguing that memory should preserve distinctions crucial for future actions rather than descriptive accuracy. The core contribution is a framework that measures memory quality by the **loss in achievable decision quality** due to compression, establishing an optimal tradeoff frontier. This leads to the **DeMem** online learning algorithm, which refines memory partitions only when necessary to avoid decision conflicts.

This paper argues that the current engineering-driven development of LLM-based foundation agents lacks a theoretical foundation. The core method is to introduce **Agent Cybernetics**, mapping the six canonical laws of classical cybernetics onto the design and analysis of these complex, long-horizon agents. The contribution is proposing cybernetics as the missing scientific scaffold to address fundamental questions regarding agent stability, environmental robustness, and safe self-improvement.

This paper investigates the impact of misleading information (hard distractors) on LLM performance in long-context reasoning. The core finding is the "First Drop of Ink" effect: performance drops sharply with only a small initial proportion of distractors, after which further increases yield only marginal decline. This nonlinearity is attributed to hard distractors capturing disproportionate attention, even when scarce.

This paper introduces DISCA (Disagreement-Informed Steering for Cultural Alignment), a training-free, black-box method to align Large Language Models (LLMs) with diverse cultural values. DISCA leverages sociodemographic disagreement within a country, modeled via World Values Survey-grounded personas, to generate a bounded logit correction during inference. This approach effectively reduces cultural misalignment across multiple countries and LLM backbones without requiring fine-tuning or internal model access.

ConQuR proposes a lightweight, post-training method to improve low-bit activation quantization in LLMs by learning optimal orthogonal rotations. These rotations align normalized activations with the corners of an inscribed hypercube, effectively distributing activation energy to minimize quantization error. This is achieved efficiently via a closed-form solution to the orthogonal Procrustes problem, avoiding costly retraining or reliance on activation corpora.

This paper introduces SLIM, a framework for dynamic Skill Lifecycle Management in agentic reinforcement learning. SLIM treats the set of active external skills as a dynamic optimization variable, jointly updated with policy learning. Its core contribution is estimating each skill's marginal external contribution via leave-one-skill-out validation to intelligently retain, retire, or introduce skills, addressing the limitations of static skill management.

DynaMiCS frames multi-domain LLM fine-tuning as a constrained optimization problem to balance target domain improvement with performance preservation on constrained domains. It achieves this by dynamically estimating the local cross-domain effects (a slope matrix) via short probing runs at each update. These estimates guide an optimizer to compute mixture weights that maximize target performance while strictly enforcing loss constraints on the preserved capabilities.

MASS-DPO introduces an active sample selection method for Multi-negative DPO that addresses the cost of using large negative pools. It uses a PL-specific Fisher-information objective to select compact, informative negative subsets by favoring samples whose gradients offer complementary information for policy updates. This reduces redundancy from similar candidates while retaining the full training signal, leading to more efficient optimization.

This paper investigates how interacting AI agents can collectively become misaligned, even if individually aligned. The core method involves simulating opinion dynamics where agents conform to the majority while maintaining an intrinsic bias, using statistical physics to derive a theory predicting when populations become trapped in misaligned states. The key contribution is demonstrating that conformity dynamics can lead to stable population-level misalignment and identifying tipping points where adversarial agents can cause irreversible shifts in group alignment.

DGPO introduces a novel framework for aligning Large Language Models (LLMs) by moving beyond traditional pairwise preferences to **Directional-Groupwise Optimization**. It achieves this by structuring forward and reverse question-answer instances into groups and optimizing a margin-based objective that enforces **directional consistency** across diverse reasoning paths. This group-wise approach captures richer relative information, leading to consistent performance gains over existing methods.

LITMUS is a novel benchmark designed to rigorously test the behavioral safety of LLM agents operating in real OS environments against dangerous "behavior jailbreaks." Its core contribution lies in a semantic-physical dual verification mechanism and OS-level state rollback, ensuring accurate testing by preventing contamination and assessing both conversational intent and actual harmful OS execution. The benchmark comprises 819 high-risk test cases across three adversarial paradigms, evaluated using a fully automated multi-agent framework.

WildClawBench is introduced as a novel benchmark designed to evaluate real-world, long-horizon agent performance by running tasks within actual command-line interface (CLI) harnesses inside reproducible Docker containers. Its core contribution is moving beyond synthetic sandboxes to test agents on 60 complex, multimodal tasks requiring significant wall-clock time and numerous tool calls, using a hybrid grading system. This provides a more realistic assessment of agent capabilities in deployment environments.

This paper introduces **ACT*ONOMY**, a novel, three-level hierarchical taxonomy (10 actions, 46 subactions, 120 leaf categories) designed to systematically describe and analyze the runtime behavior of autonomous agents from their natural-language traces. The core contribution is providing a structured framework, coupled with an open repository and automated analysis pipeline, to make complex agent reasoning interpretable for debugging and oversight at scale.

This paper argues that current assistive AI systems fail BVI users because they are designed assuming sighted interaction and low-cost verification. The core contribution is introducing the concept of **accessibility alignment** as a first-class design objective, rather than a usability afterthought. The authors propose a lifecycle-oriented design pipeline to systematically build agents that meet the unique verification, risk, and interaction constraints of BVI users.

This paper introduces IMAVB, a benchmark to test if omnimodal LLMs can detect contradictions between a textual premise and their own sensory input (vision/audio). The core finding is a "Representation-Action Gap": models reliably encode these premise-perception mismatches in their internal states but almost always fail to reject the false claim in their final outputs. This suggests a disconnect between internal sensory grounding and the model's generative action.

This paper introduces a novel method for detecting step-level hallucinations in LLM reasoning by analyzing the geometry of the hidden-state trajectory during a single forward pass. The core idea is that correct reasoning follows a stable manifold, and the first error manifests as a localized excursion in transport cost away from this manifold. The authors develop a teacher model using contrastive PCA to score each step based on geometric transition features, which is then distilled into a deployable BiLSTM student for efficient, single-pass error localization.

This paper introduces TFlow, a novel weight-space communication framework for multi-agent LLMs that replaces costly natural language message passing with direct weight updates. The core method involves frozen sender agents generating internal activations, which a learned parameter generator maps into low-rank LoRA perturbations targeting the receiver's modules. This enables instance-specific adaptation during generation, significantly reducing token costs and overhead associated with traditional context-based communication.

This paper introduces **PACS (Probabilistic Abductive CommonSense)**, a novel framework for abductive reasoning that explicitly models the variation in human commonsense beliefs. It combines an LLM and a formal solver to sample proofs representing individual perspectives, aggregating these conclusions to determine the consensus view on a statement's truth. This addresses the limitation of prior methods that assumed universal agreement on commonsense facts.

Flow-OPD introduces a novel post-training framework for Flow Matching text-to-image models to overcome multi-task alignment issues like reward sparsity and gradient interference. It employs a two-stage strategy: first training specialized teacher models via single-reward fine-tuning, and then using On-Policy Distillation (OPD) to consolidate their heterogeneous expertise into a single student model. This approach effectively unifies performance across competing metrics, mitigating the "seesaw effect" common in multi-task learning for generative models.

This paper introduces **vOPD (On-Policy Distillation with a control variate baseline)** to stabilize On-Policy Distillation (OPD) for LLMs by framing it as policy-gradient Reinforcement Learning. The core contribution is deriving a **closed-form control variate baseline** directly from the per-token negative reverse KL divergence, which is available from the existing forward pass without extra computation or vocabulary-wide overhead. This method effectively reduces gradient variance for more stable and efficient distillation.

This paper introduces a novel method for training Command Line Interface (CLI) agents by leveraging the inherent structure of CLI actions for better credit assignment. The core contribution involves two mechanisms: $\sigma$-Reveal, which selectively extracts task-relevant context from partial observations, and Action Advantage Assignment, which uses structured action attributes to provide denser learning signals for long, multi-turn trajectories. This approach aims to overcome the challenges of sparse rewards and limited observation in complex CLI environments.

This paper argues that mechanistic interpretability research, which frequently employs causal language, often fails to explicitly state the necessary identification assumptions underpinning its causal claims. The authors audit existing literature, finding a pervasive pattern where validation metrics are presented as causal evidence without disclosing the underlying assumptions required for them to be identifying. The core contribution is proposing a mandatory disclosure norm requiring researchers to explicitly name their identification strategy, enumerate assumptions, and explain the implications if those assumptions are violated.

TraceFix is a verification-first pipeline that uses the TLA+ model checker to iteratively repair LLM-generated coordination protocols for multi-agent systems. The method synthesizes a protocol topology, generates PlusCal logic, and uses TLA+ counterexamples to drive repairs until formal verification succeeds. This ensures robust coordination, leading to high task completion rates (89.4% average) compared to unverified execution.

ADKO is a framework for sample-efficient, privacy-preserving collaborative black-box optimization among autonomous agents. Agents use private Gaussian Processes and communicate only via compact "knowledge tokens" summarizing directional signals and advantage scores, avoiding raw data sharing. The paper's core contribution is the formal analysis showing how cumulative regret decomposes across GP error, token compression loss, and language model approximation errors.

AssayBench is introduced as the first standard benchmark for evaluating Large Language Models (LLMs) and agents on **assay-level virtual cell prediction**. It leverages 1,920 publicly available CRISPR screens to test a model's ability to predict diverse cellular phenotypic outcomes from heterogeneous textual inputs. This benchmark directly addresses the lack of standardized evaluation for in silico phenotypic screening, a key goal in accelerating biological discovery.

ELF introduces a class of continuous diffusion models for language generation, operating primarily in the continuous embedding space until the final tokenization step. This approach, based on continuous-time Flow Matching, allows for straightforward adaptation of successful image-domain diffusion techniques like classifier-free guidance. The core contribution is demonstrating that continuous DLMs can be highly effective with minimal adaptation to the discrete language domain.

This paper introduces **AttenA+**, a framework designed to address the "action inequality" in robotic foundation models where all actions are treated equally during training. AttenA+ rectifies this by implementing a **velocity-driven action attention mechanism** that dynamically reweights the training objective, prioritizing kinematically critical, low-velocity segments over high-velocity transitions. This contribution improves model performance in complex, long-horizon robotic tasks by aligning the optimization process with the physical criticality of robot movements.

This paper introduces a method for generating controllable and age-appropriate children's English reading stories by **supervised fine-tuning compact (8B-parameter) LLMs** using expert-designed curriculum data. The core contribution is demonstrating that **fine-tuning prioritizes controllability and affordability over raw scale**, resulting in smaller models that outperform larger, zero-shot models on difficulty-related metrics for educational story generation.

This paper introduces **DyGFM**, a novel Dynamic Graph Foundation Model designed for multi-domain generalization. The core method employs a **decoupled and divergence-conditioned prompting** strategy: a dual-branch pre-training disentangles transferable semantics from domain-specific temporal dynamics, and a divergence-aware routing mechanism mitigates negative knowledge transfer during adaptation. This work presents the first multi-domain dynamic GFM capable of handling inherently inconsistent domain patterns.

EVA-Bench is a novel end-to-end framework designed to evaluate voice agents by addressing two key challenges: generating realistic, multi-turn audio conversations and comprehensively measuring quality. It achieves realistic simulation through bot-to-bot orchestration with automatic error detection and regeneration. The framework introduces two composite metrics, EVA-A (Accuracy) and EVA-X (Experience), to capture task success, fidelity, and conversational flow across various agent architectures.

This paper introduces **AEvo**, a harnessed meta-editing framework for agentic evolution. It models the evolution process as an interactive environment where the accumulated context acts as the state. The core contribution is using a **meta-agent to observe this state and edit the underlying evolution procedure** itself, offering a stable interface to guide and revise the search mechanism over long horizons, rather than just proposing the next candidate.

This paper introduces **RealICU**, a novel benchmark designed to evaluate LLMs on long-context ICU data by moving beyond imitating potentially suboptimal past clinician actions. Its core contribution is using **hindsight annotations** created by senior physicians reviewing the *full* patient trajectory to establish more accurate ground truth labels for four physician-motivated tasks. This allows for a more realistic assessment of an LLM's true reasoning capabilities in complex, time-sensitive clinical settings.

ScioMind introduces a cognitively grounded framework for LLM-based multi-agent social simulation, bridging fixed rules and unconstrained LLM interaction. Its core method integrates a belief update rule modulated by personality-conditioned anchoring strength, a hierarchical memory for experience-driven belief formation, and dynamic, corpus-grounded agent profiles. This allows for more realistic and heterogeneous social opinion dynamics studies grounded in both structured mechanisms and LLM reasoning.

WARDEN is a system designed to transcribe and translate the endangered Wardaman language into English using only 6 hours of training data. It addresses the low-resource challenge by employing a two-stage pipeline: a dedicated model for audio-to-phonemic transcription, followed by a separate model for transcription-to-English translation. The system's performance is enhanced by initializing the transcription model using phoneme similarities from Sundanese.

This paper introduces **Pinductor**, a method that leverages **Large Language Model (LLM) priors** to learn **Partially-Observable Markov Decision Process (POMDP) world models** from limited observation-action trajectories. Pinductor uses the LLM to propose and iteratively refine candidate POMDP models based on a belief-based likelihood score. This approach achieves performance comparable to methods assuming privileged state access while significantly improving sample efficiency over traditional model learning.

This paper introduces a novel sampling method for Flow Language Models (FLMs) that leverages their unique structure where each denoising block yields a posterior marginal distribution over the clean token. Instead of collapsing to a single conditional mean, the proposed "marginal-conditioned bridge" sampler works by iteratively sampling a one-hot token from the factorized posterior marginals at each reverse step, and then bridging the continuous state to this sampled endpoint. This training-free approach provides a principled, token-aware decoding strategy that avoids generating invalid one-hot sequences.

This paper introduces an end-to-end LLM-based system designed to reconstruct natural language arguments into abstract argument graphs. The system employs a multi-stage pipeline to identify argumentative components (premises and conclusions) and their logical relations (support, attack, undercut). Its contribution lies in providing a comprehensive method for transforming unstructured text into structured argument graphs, evaluated both qualitatively on textbook examples and quantitatively against benchmark datasets.