ML Security PapersSafe in the Future, Dangerous in the Past: Dissecting Temporal and Linguistic Vulnerabilities in LLMs
Muhammad Abdullahi Said 1, Muhammad Sammani Sani 2
Published on arXiv
2512.24556
Prompt Injection
OWASP LLM Top 10 — LLM01
Key Finding
Past-tense temporal framing reduces LLM safe response rates to 15.6% vs. 57.2% for future-tense framing, demonstrating a 9.2x volatility gap that reveals models rely on superficial linguistic heuristics rather than robust semantic harm understanding.
HausaSafety
Novel technique introduced
As Large Language Models (LLMs) integrate into critical global infrastructure, the assumption that safety alignment transfers zero-shot from English to other languages remains a dangerous blind spot. This study presents a systematic audit of three state of the art models (GPT-5.1, Gemini 3 Pro, and Claude 4.5 Opus) using HausaSafety, a novel adversarial dataset grounded in West African threat scenarios (e.g., Yahoo-Yahoo fraud, Dane gun manufacturing). Employing a 2 x 4 factorial design across 1,440 evaluations, we tested the non-linear interaction between language (English vs. Hausa) and temporal framing. Our results challenge the narrative of the multilingual safety gap. Instead of a simple degradation in low-resource settings, we identified a complex interference mechanism in which safety is determined by the intersection of variables. Although the models exhibited a reverse linguistic vulnerability with Claude 4.5 Opus proving significantly safer in Hausa (45.0%) than in English (36.7%) due to uncertainty-driven refusal, they suffered catastrophic failures in temporal reasoning. We report a profound Temporal Asymmetry, where past-tense framing bypassed defenses (15.6% safe) while future-tense scenarios triggered hyper-conservative refusals (57.2% safe). The magnitude of this volatility is illustrated by a 9.2x disparity between the safest and most vulnerable configurations, proving that safety is not a fixed property but a context-dependent state. We conclude that current models rely on superficial heuristics rather than robust semantic understanding, creating Safety Pockets that leave Global South users exposed to localized harms. We propose Invariant Alignment as a necessary paradigm shift to ensure safety stability across linguistic and temporal shifts.
Key Contributions
- Introduces HausaSafety, a novel adversarial dataset grounded in West African threat scenarios (Yahoo-Yahoo fraud, Dane gun manufacturing) for evaluating multilingual LLM safety
- Identifies Temporal Asymmetry as a critical vulnerability: past-tense framing achieves only 15.6% safe responses vs. 57.2% for future-tense, creating a 9.2x disparity between safest and most vulnerable configurations
- Proposes Invariant Alignment as a paradigm shift — requiring safety to remain stable across linguistic and temporal distributional shifts rather than relying on surface-form heuristics