Saved in:
Bibliographic Details
Main Authors: Hashemi, Zahra, Zhong, Zhiqiang, Pang, Jun, Zhao, Wei
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2601.18998
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914283118395392
author Hashemi, Zahra
Zhong, Zhiqiang
Pang, Jun
Zhao, Wei
author_facet Hashemi, Zahra
Zhong, Zhiqiang
Pang, Jun
Zhao, Wei
contents The rapid evolution of large language models (LLMs) has fuelled enthusiasm about their role in advancing scientific discovery, with studies exploring LLMs that autonomously generate and evaluate novel research ideas. However, little attention has been given to the possibility that such models could be exploited to produce harmful research by repurposing open science artefacts for malicious ends. We fill the gap by introducing an end-to-end pipeline that first bypasses LLM safeguards through persuasion-based jailbreaking, then reinterprets NLP papers to identify and repurpose their artefacts (datasets, methods, and tools) by exploiting their vulnerabilities, and finally assesses the safety of these proposals using our evaluation framework across three dimensions: harmfulness, feasibility of misuse, and soundness of technicality. Overall, our findings demonstrate that LLMs can generate harmful proposals by repurposing ethically designed open artefacts; however, we find that LLMs acting as evaluators strongly disagree with one another on evaluation outcomes: GPT-4.1 assigns higher scores (indicating greater potential harms, higher soundness and feasibility of misuse), Gemini-2.5-pro is markedly stricter, and Grok-3 falls between these extremes. This indicates that LLMs cannot yet serve as reliable judges in a malicious evaluation setup, making human evaluation essential for credible dual-use risk assessment.
format Preprint
id arxiv_https___arxiv_org_abs_2601_18998
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Malicious Repurposing of Open Science Artefacts by Using Large Language Models
Hashemi, Zahra
Zhong, Zhiqiang
Pang, Jun
Zhao, Wei
Computation and Language
The rapid evolution of large language models (LLMs) has fuelled enthusiasm about their role in advancing scientific discovery, with studies exploring LLMs that autonomously generate and evaluate novel research ideas. However, little attention has been given to the possibility that such models could be exploited to produce harmful research by repurposing open science artefacts for malicious ends. We fill the gap by introducing an end-to-end pipeline that first bypasses LLM safeguards through persuasion-based jailbreaking, then reinterprets NLP papers to identify and repurpose their artefacts (datasets, methods, and tools) by exploiting their vulnerabilities, and finally assesses the safety of these proposals using our evaluation framework across three dimensions: harmfulness, feasibility of misuse, and soundness of technicality. Overall, our findings demonstrate that LLMs can generate harmful proposals by repurposing ethically designed open artefacts; however, we find that LLMs acting as evaluators strongly disagree with one another on evaluation outcomes: GPT-4.1 assigns higher scores (indicating greater potential harms, higher soundness and feasibility of misuse), Gemini-2.5-pro is markedly stricter, and Grok-3 falls between these extremes. This indicates that LLMs cannot yet serve as reliable judges in a malicious evaluation setup, making human evaluation essential for credible dual-use risk assessment.
title Malicious Repurposing of Open Science Artefacts by Using Large Language Models
topic Computation and Language
url https://arxiv.org/abs/2601.18998