How Far Will They Go? Red-Teaming Online Influence with Large Language Models
Quick Answer
This study introduces a red-teaming framework for assessing the political expressivity of over 30 open-source LLMs, revealing systematic biases towards left-leaning content and significant regional differences.
Quick Take
This study introduces a red-teaming framework for assessing the political expressivity of over 30 open-source LLMs, revealing systematic biases towards left-leaning content and significant regional differences. The findings highlight the need for effective jailbreak techniques to expand political Overton Windows, crucial for countering LLM-enabled influence campaigns.
Key Points
- Evaluated over 30 LLMs from 10 families across five countries.
- Open-source LLMs showed a tendency for left-leaning content generation.
- Political Overton Windows contracted inversely with model size.
- Jailbreak effectiveness varied significantly among different model families.
- Framework aids in auditing political steerability of LLMs.
Paper Resources
Article Content
From source RSS / original summaryarXiv:2605. 22880v1 Announce Type: new Abstract: As large language model (LLM)-based agents increasingly participate in online discourse, red-teaming their capacity to support political influence campaigns is critical for information integrity. In pursuit of this goal, we focus on locally deployed open-source LLMs, as opposed to frontier API-only models, given their superior alignment with the operational constraints of privacy-conscious malicious actors deployed in social media environments.
We introduce an empirical red-teaming framework for measuring LLM Overton Windows (OWs), defined as the range of political opinions a model can reliably express on controversial topics, and for quantifying how simple natural-language jailbreaks expand that range. We evaluate more than 30 LLMs spanning 10 model families and five countries of origin.
We find systematic asymmetries in political expressivity: open-source LLMs are typically more willing to generate left-leaning social media content, OWs tend to contract inversely to model size, and regional differences are substantial despite uneven representation in the open-source ecosystem. Jailbreak potency also varies sharply across model families, motivating a workflow for identifying effective combinations of jailbreak techniques.
Taken together, our results establish a practical framework for auditing the political steerability of open-source LLMs and for helping future researchers design stronger countermeasures against LLM-enabled influence campaigns.
Want this in your inbox every morning?
Daily brief at your local 8am — bilingual EN/中文, free.
More from arXiv cs.CL
See more →Quantifying Prior Dominance in Systems
The study introduces the Normalized Context Utilization (NCU) metric to evaluate Retrieval-Augmented Generation (RAG) systems, revealing that Small Language Models (SLMs) outperform larger models in factual extraction. The findings indicate that traditional scaling laws yield diminishing returns, with a commercial API frequently failing against adversarial evidence due to systemic confidence collapse.