The risks derived from large language models (LLMs) generating deceptive and damaging content have been the subject of considerable research, but even safe generations can lead to problematic downstream impacts. In our study, we shift the focus to how even safe text coming from LLMs can be easily turned into potentially dangerous content through Bait-and-Switch attacks. In such attacks, the user first prompts LLMs with safe questions and then employs a simple find-and-replace post-hoc technique to manipulate the outputs into harmful narratives. The alarming efficacy of this approach in generating toxic content highlights a significant challenge in developing reliable safety guardrails for LLMs. In particular, we stress that focusing on the safety of the verbatim LLM outputs is insufficient and that we also need to consider post-hoc transformations.

Online resources such as WikiHow compile a wide range of scripts for performing everyday tasks, which can assist models in learning to reason about procedures. However, the scripts are always presented in a linear manner, which does not reflect the flexibility displayed by people executing tasks in real life. For example, in the CrossTask Dataset, 64.5% of consecutive step pairs are also observed in the reverse order, suggesting their ordering is not fixed. In addition, each step has an average of 2.56 frequent next steps, demonstrating "branching". In this paper, we propose the new challenging task of non-sequential graph script induction, aiming to capture optional and interchangeable steps in procedural planning. To automate the induction of such graph scripts for given tasks, we propose to take advantage of loosely aligned videos of people performing the tasks. In particular, we design a multimodal framework to ground procedural videos to WikiHow textual steps and thus transform each video into an observed step path on the latent ground truth graph script. This key transformation enables us to train a script knowledge model capable of both generating explicit graph scripts for learnt tasks and predicting future steps given a partial step sequence. Our best model outperforms the strongest pure text/vision baselines by 17.52% absolute gains on F1@3 for next step prediction and 13.8% absolute gains on Acc@1 for partial sequence completion. Human evaluation shows our model outperforming the WikiHow linear baseline by 48.76% absolute gains in capturing sequential and non-sequential step relationships.

According to a recent open letter, society needs to immediately pause development of "giant" AI models, or risk apocalyptic outcomes. Massive job losses, the destruction of consensus reality and even the end of all organic life on Earth have all been mooted as risks of pressing forward with development of these systems before we understand their intricacies. The high-water mark of these is GPT-4, the snappily named AI that underpins the latest version of the breakthrough ChatGPT service. Creating anything more powerful than GPT-4, before we spend at least six months working out its limits and risks, would be too dangerous, more than 1,000 AI experts say. I decided to spend some time with the new ChatGPT myself.

Whether they're thick and fluffy or thin and crispy at the edges, every household will have a favourite style of pancake this Shrove Tuesday. But whatever your preference, it's not just a case of mixing flour, eggs and milk and pouring the mixture into a pan. Science tells us that several additions to the batter and a few important preparation tips will get the most delectable results. Adding both an acid and an alkali to your batter is essential if you want fluffy pancakes, while butter will help create a delicious browning reaction – but don't overbeat your batter or the results will be too tough. London experts have already used AI to identify the ultimate pancake recipe that lists seven ingredients – flour, sugar, baking powder, salt, milk, butter and eggs.