DRAFT: Task Decoupled Latent Reasoning for Agent Safety

A research team including Lin Wang, Junfeng Fang, and Dan Zhang has introduced DRAFT (Task Decoupled Latent Reasoning for Agent Safety), a novel framework designed to solve a critical problem in AI safety: auditing the long, complex action sequences of tool-using AI agents. Traditional binary supervision fails here because risky evidence is sparse within noisy interaction logs. DRAFT addresses this by decoupling safety judgment into two differentiable, trainable modules. First, an Extractor model distills the entire agent trajectory into a compact, continuous latent representation called a 'draft.' Second, a Reasoner model jointly attends to this latent draft and the original trajectory to make a final safety prediction. This architecture avoids the pitfalls of simplistic 'summarize-then-judge' pipelines by performing evidence aggregation in a learned latent space.

In rigorous testing on established safety benchmarks like ASSEBench and R-Judge, DRAFT demonstrated a massive leap in performance. It consistently outperformed strong baselines, improving average accuracy from 63.27% (using a method like LoRA fine-tuning) to 91.18%. The framework also learned more separable representations of safe and unsafe behaviors, as shown in ablation studies that confirmed a clear synergy between the Extractor and Reasoner stages. The paper, published on arXiv, argues that this approach of continuous latent reasoning prior to a final readout is a practical and scalable path toward ensuring robust safety for autonomous AI agents operating in real-world, long-context scenarios.