Stay in Character, Stay Safe: Dual-Cycle Adversarial Self-Evolution for Safety Role-Playing Agents

Researchers propose a training-free 'Dual-Cycle Adversarial Self-Evolution' framework to solve the core conflict in AI role-playing: stronger character fidelity typically increases vulnerability to jailbreak attacks. The system uses two cycles where an attacker generates jailbreak prompts and a defender builds a hierarchical knowledge base from failures. Experiments on proprietary LLMs show consistent gains in both role fidelity and jailbreak resistance, with robust generalization to unseen personas and attack strategies.