Paper page - LiSA: Lifelong Safety Adaptation via Conservative Policy Induction

Source: https://huggingface.co/papers/2605.14454

Abstract

LiSA enables adaptive safety guardrails for AI agents by converting occasional failures into reusable policy abstractions and using evidence-aware confidence gating to improve performance under sparse and noisy feedback conditions.

As AI agents move from chat interfaces to systems that read private data, call tools, and execute multi-step workflows,guardrailsbecome a last line of defense against concrete deployment harms. In these settings, guardrail failures are no longer merely answer-quality errors: they can leak secrets, authorize unsafe actions, or block legitimate work. The hardest failures are often contextual: whether an action is acceptable depends on local privacy norms, organizational policies, and user expectations that resist pre-deployment specification. This creates a practical gap:guardrailsmust adapt to their own operating environments, yet deployment feedback is typically limited to sparse, noisy user-reported failures, and repeated fine-tuning is often impractical. To address this gap, we propose LiSA (Lifelong Safety Adaptation), a conservativepolicy inductionframework that improves a fixed base guardrail throughstructured memory. LiSA converts occasional failures into reusablepolicy abstractionsso that sparse reports can generalize beyond individual cases, addsconflict-aware local rulesto prevent overgeneralization in mixed-label contexts, and appliesevidence-aware confidence gatingvia aposterior lower bound, so that memory reuse scales with accumulated evidence rather than empirical accuracy alone. Across PrivacyLens+, ConFaide+, and AgentHarm, LiSA consistently outperforms strongmemory-based baselinesundersparse feedback, remains robust undernoisy user feedbackeven at 20% label-flip rates, and pushes the latency--performance frontier beyond backbone model scaling. Ultimately, LiSA offers a practical path to secure AI agents against the unpredictable long tail of real-world edge risks.

View arXiv pageView PDFAdd to collection

Get this paper in your agent:

hf papers read 2605\.14454

Don’t have the latest CLI?curl \-LsSf https://hf\.co/cli/install\.sh \| bash

Models citing this paper0

No model linking this paper

Cite arxiv.org/abs/2605.14454 in a model README.md to link it from this page.

Datasets citing this paper0

No dataset linking this paper

Cite arxiv.org/abs/2605.14454 in a dataset README.md to link it from this page.

Spaces citing this paper0

No Space linking this paper

Cite arxiv.org/abs/2605.14454 in a Space README.md to link it from this page.

Collections including this paper0

No Collection including this paper

Add this paper to acollectionto link it from this page.