Advanced Practice Exam
25-question practice exam covering advanced AI red team techniques: multimodal attacks, training pipeline exploitation, agentic system attacks, embedding manipulation, and fine-tuning security.
Advanced Practice Exam
This exam targets practitioners with operational red team experience. It covers advanced attack techniques, complex system architectures, and nuanced defensive considerations. Set a 45-minute timer and answer all 25 questions without consulting reference materials.
Section A: Multimodal Attacks (Questions 1-5)
1. What makes typographic attacks against vision-language models (VLMs) effective?
2. How does adversarial perturbation of image inputs differ from textual prompt injection?
3. What is 'cross-modal transfer' in the context of multimodal attacks?
4. Why are audio-based attacks against speech-to-text models particularly concerning for agentic systems?
5. What is the primary defense gap in current multimodal content safety systems?
Section B: Training Pipeline Attacks (Questions 6-10)
6. What is a 'sleeper agent' attack in the context of model training?
7. How does LoRA (Low-Rank Adaptation) fine-tuning create security risks that full fine-tuning does not?
8. What is the 'alignment tax' and why does it matter for safety?
9. What makes RLHF (Reinforcement Learning from Human Feedback) vulnerable to reward hacking?
10. What is 'safety washing' through fine-tuning, and how can a red team detect it?
Section C: Agentic System Attacks (Questions 11-15)
11. What is the primary security difference between function calling and tool use in AI agents?
12. What is the 'tool shadowing' attack against MCP (Model Context Protocol) implementations?
13. Why is 'thought injection' in chain-of-thought reasoning agents particularly dangerous?
14. What is the security implication of 'persistent memory' in agent systems?
15. What makes multi-agent system (A2A) communication a novel attack surface?
Section D: Embedding and Vector Security (Questions 16-20)
16. What is an 'embedding inversion' attack?
17. How can adversarial documents be crafted to manipulate vector search results?
18. What is the security risk of sharing embedding models between tenants in a multi-tenant RAG system?
19. What does 'dimensional collapse' in embedding spaces mean for security?
20. Why is chunk size in RAG systems a security-relevant configuration parameter?
Section E: Fine-Tuning and Model Security (Questions 21-25)
21. What is the 'few-shot poisoning' attack against fine-tuning APIs?
22. How does 'catastrophic forgetting' during fine-tuning relate to safety?
23. What is the security concern with 'model merging' techniques like DARE or TIES?
24. Why should safety evaluations be run after every fine-tuning iteration, not just at the end?
25. What is the 'gradient leakage' risk in federated learning or fine-tuning setups?