@inproceedings{zhou-etal-2026-safeagent,
    title = "{S}afe{A}gent: Safeguarding {LLM} Agents via an Automated Risk Simulator",
    author = "Zhou, Xueyang  and
      Wang, Weidong  and
      Lu, Lin  and
      Shi, Jiawen  and
      Tie, Guiyao  and
      Yongtian, Xu  and
      Chen, Lixing  and
      Zhou, Pan  and
      Gong, Neil Zhenqiang  and
      Sun, Lichao",
    editor = "Liakata, Maria  and
      Moreira, Viviane P.  and
      Zhang, Jiajun  and
      Jurgens, David",
    booktitle = "Proceedings of the 64th Annual Meeting of the {A}ssociation for {C}omputational {L}inguistics (Volume 1: Long Papers)",
    month = jul,
    year = "2026",
    address = "San Diego, California, United States",
    publisher = "Association for Computational Linguistics",
    url = "https://preview.aclanthology.org/ingest-acl/2026.acl-long.1501/",
    pages = "32516--32543",
    ISBN = "979-8-89176-390-6",
    abstract = "LLM-based agents are rapidly being deployed in real-world applications (e.g., digital assistants and customer service), making safety a critical concern. However, in multi-turn, tool-augmented settings, dynamic user interactions, external tool use, and unintended harmful behaviors make robust safety assurance challenging. To address these challenges, we propose **SafeAgent**, a framework that improves agent safety through fully automated synthetic data generation. SafeAgent introduces (1) an open and extensible threat model OTS that decomposes agent risk into instruction-, context-, and action-induced sources to ground safety analysis and alignment; and (2) an automated pipeline that instantiates OTS to surface scenario-specific failure modes, stress-test agents, and generate self-reflective safe responses{---}without hazardous real-world data collection. We evaluate SafeAgent on two safety benchmarks and one real-world terminal task. Across four widely used open-source models, SafeAgent improves safety performance by 45{\%} on average and delivers a 28.91{\%} gain on the real-world task, outperforming state-of-the-art closed-source models. These results highlight the practical advancement and scalability of SafeAgent in building safer LLM agents for real-world deployment."
}