AI safety guardrail cuts false alarms by half without losing teeth

Researchers built a smarter filter that catches jailbreak attacks on AI chatbots while blocking far fewer harmless questions than current defenses do. It works by steering the model away from harmful outputs before generation starts, which means no more choosing between safety and usability.

Every AI chatbot today faces a brutal tradeoff: catch all the attacks and the system refuses to answer basic questions, or loosen the filter and attackers get through. This is a training-free method that tightens the decision boundary without that tradeoff — it cuts false positives by half while keeping attack success rates low. The practical effect is immediate: deployed chatbots could get safer without frustrating normal users. The method transfers to multiple model architectures (LLaMA, Mixtral, Qwen) and adds almost no latency cost, which means deployment friction is gone.