AutoSpec: Safety Rule Evolution for LLM Agents via Inductive Logic Programming

· Source: cs.SE updates on arXiv.org · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Robotics & Autonomous Systems · Depth: Expert, extended

Summary

AutoSpec is a novel framework designed to automatically evolve expert-designed safety rules for large language model (LLM) agents, addressing their inherent autonomy and associated risks like destructive commands or data leaks. It integrates counterexample-guided inductive synthesis (CEGIS) with inductive logic programming (ILP) to refine rules from user safe/unsafe annotations. Starting with initial rules and labeled execution traces, AutoSpec iteratively identifies false positives and negatives, uses ILP to learn discriminating predicates, generates rule edits, and verifies them. Evaluated on 291 traces across code execution and embodied agent domains, AutoSpec achieved F1 scores of 0.98 and 0.93, respectively, demonstrating up to 94% false positive reduction while maintaining high recall. The ILP-guided approach yielded up to 4.8x higher F1 than heuristic CEGIS, converging within 4–5 iterations to produce human-readable, auditable rules.

Key takeaway

For AI Security Engineers maintaining LLM agent safety, AutoSpec offers a critical solution to the challenge of evolving static guardrails. You should consider integrating this ILP-guided CEGIS approach to automatically adapt your expert-designed rules to new agent behaviors and threats. This enables continuous improvement of rule precision and recall, ensuring auditable and trustworthy safety mechanisms without the brittleness of manual updates or the opacity of neural classifiers.

Key insights

AutoSpec refines LLM agent safety rules using ILP-guided CEGIS, balancing precision and recall with interpretable outputs.

Principles

Method

AutoSpec iteratively evaluates rules, mines false positive/negative counterexamples, uses ILP to learn discriminating predicates, generates candidate rule edits, and verifies them for optimal revision.

In practice

Topics

Best for: Research Scientist, CTO, VP of Engineering/Data, AI Scientist, Machine Learning Engineer, AI Security Engineer

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by cs.SE updates on arXiv.org.