Low-Agreeableness Persona Conditioning for Safe LLM Fine-Tuning

Recent work has shown that fine-tuning large language models (LLMs) for social warmth degrades factual reliability and increases sycophancy.

We investigate a related but distinct failure mode: warmth fine-tuning also weakens adversarial safety, making models more susceptible to jailbreaks and harmful output generation.

We examine whether this reflects an inherent consequence of empathetic adaptation or an artifact of data construction.

To address this, we introduce a persona-driven rewriting pipeline that conditions user turns on low agreeableness and pairs this with warm, de-escalating assistant responses.

Across three experiments on four models, our approach reduces jailbreak susceptibility and harmful output rates relative to generic warmth fine-tuning baselines, while preserving conversational warmth.

Representational probing provides suggestive evidence that this conditioning reduces the geometric alignment between warmth and compliance directions in latent space.

These results show that safer empathetic fine-tuning is achievable through data design alone, without safety labels, harm detectors, or changes to the training objective.