RapGuard: Safeguarding Multimodal Large Language Models via Rationale-aware Defensive Prompting

TL;DR

RapGuard introduces a dynamic, scenario-specific safety prompting framework for multimodal large language models, significantly reducing harmful outputs while preserving task performance.

Contribution

It presents RapGuard, a novel approach that uses multimodal chain-of-thought reasoning to generate adaptive safety prompts tailored to each input.

Findings

Achieves state-of-the-art safety performance on multiple benchmarks.

Reduces harmful content without degrading response quality.

Effectively adapts safety prompts to diverse multimodal scenarios.

Abstract

While Multimodal Large Language Models (MLLMs) have made remarkable progress in vision-language reasoning, they are also more susceptible to producing harmful content compared to models that focus solely on text. Existing defensive prompting techniques rely on a static, unified safety guideline that fails to account for the specific risks inherent in different multimodal contexts. To address these limitations, we propose RapGuard, a novel framework that uses multimodal chain-of-thought reasoning to dynamically generate scenario-specific safety prompts. RapGuard enhances safety by adapting its prompts to the unique risks of each input, effectively mitigating harmful outputs while maintaining high performance on benign tasks. Our experimental results across multiple MLLM benchmarks demonstrate that RapGuard achieves state-of-the-art safety performance, significantly reducing harmful content without degrading the quality of responses.