@inproceedings{an-etal-2026-permemsafe,
    title = "{P}er{M}em{S}afe: Benchmarking Implicit Personalized Safety of Long Horizon Self-Evolving Agents",
    author = "An, Hengyu  and
      Li, Minxi  and
      Xu, Naen  and
      Zhou, Chunyi  and
      Xu, Xiaogang  and
      Du, Tianyu  and
      Li, Jinbao  and
      Ji, Shouling",
    editor = "Liakata, Maria  and
      Moreira, Viviane P.  and
      Zhang, Jiajun  and
      Jurgens, David",
    booktitle = "Findings of the {A}ssociation for {C}omputational {L}inguistics: {ACL} 2026",
    month = jul,
    year = "2026",
    address = "San Diego, California, United States",
    publisher = "Association for Computational Linguistics",
    url = "https://preview.aclanthology.org/ingest-acl/2026.findings-acl.320/",
    pages = "6415--6433",
    ISBN = "979-8-89176-395-1",
    abstract = "Self-evolving agents achieve personalization by accumulating user-specific memories over long horizons. This capability, however, introduces novel safety risks, as responses that are generally safe may become harmful in user-specific contexts. Such safety-relevant contexts often emerge implicitly and evolve over time during long-horizon conversations, rendering traditional context-independent safety evaluations insufficient. To address this, we formally define Implicit Personalized Safety and present PerMemSafe, the first benchmark for evaluating implicit personalized safety of self-evolving agents in long-horizon interactions. Empirical results reveal significant limitations of existing self-evolving agents, with even the strongest achieving only around 50{\%} safety rate, highlighting systematic failures in reasoning about personalized safety risks. To mitigate this, we propose SentinelMem, an active risk-aware memory framework that explicitly models personalized risk inference and memory evolution. Experiments show that SentinelMem improves implicit personalized safety by 23.8{\%} over prior memory frameworks while maintaining helpfulness in long-horizon interactions."
}