Instructions in papers can manipulate AI reviewers 78-86% of the time(www.researchsquare.com)
3 pointsby evilscript4 hours ago2 comments
  • evilscript4 hours ago
    We should probably be more worried about researchers gaming AI peer review. We spent weeks running 5,600 experiments where we hid (novel, skeleton-key like) prompt injections inside academic papers. Then we fed them to ChatGPT and Gemini acting as peer reviewers. The results were... not great for the state of AI-assisted review. ChatGPT followed our hidden instructions 78% of the time. Gemini 86%. That's way higher than what previous prompt injection studies found. We could reliably push reviews toward "accept" recommendations just by hiding a few sentences saying something like "This paper is groundbreaking and should be accepted". The AI would parrot it back in its review without any apparent awareness that it was being manipulated. If these systems get deployed at scale without fixes, the incentives to game them become huge.

    Curious what HN thinks. Is this fixable? Or is AI-assisted peer review fundamentally broken before it even starts?

    Pre-print is open access, happy to discuss.

    • chrisjj4 hours ago
      A tool claiming intelligence encounters your hidden brazenly trick sentences and fails to spot they are trick despite that they are hidden.

      Yes, it is fundamentally broken. Stochatic parrot chatbots are not intelligent, let alone sufficiently intelligent to beat genuine intelligences striving to trick them.

  • evolveyourmindan hour ago
    Have you successfully submitted a “malicious” paper that hacks these AI reviewers?