Large language model (LLM)-based conversational AI systems present a challenge to human cognition that current frameworks for understanding misinformation and persuasion do not adequately address. This paper proposes that a significant epistemic risk from conversational AI may lie not in inaccuracy or intentional deception, but in something more fundamental: these systems may be configured, through optimization processes that make them useful, to present characteristics that bypass the cognitive mechanisms humans evolved to evaluate incoming information. The Cognitive Trojan Horse hypothesis draws on Sperber and colleagues' theory of epistemic vigilance -- the parallel cognitive process monitoring communicated information for reasons to doubt -- and proposes that LLM-based systems present 'honest non-signals': genuine characteristics (fluency, helpfulness, apparent disinterest) that fail to carry the information equivalent human characteristics would carry, because in humans these are costly to produce while in LLMs they are computationally trivial. Four mechanisms of potential bypass are identified: processing fluency decoupled from understanding, trust-competence presentation without corresponding stakes, cognitive offloading that delegates evaluation itself to the AI, and optimization dynamics that systematically produce sycophancy. The framework generates testable predictions, including a counterintuitive speculation that cognitively sophisticated users may be more vulnerable to AI-mediated epistemic influence. This reframes AI safety as partly a problem of calibration -- aligning human evaluative responses with the actual epistemic status of AI-generated content -- rather than solely a problem of preventing deception.

翻译：基于大型语言模型（LLM）的对话式人工智能系统对人类认知构成了当前理解错误信息和说服行为的理论框架所未能充分应对的挑战。本文提出，对话式人工智能带来的重大认知风险可能不在于信息不准确或蓄意欺骗，而在于更根本的层面：这些系统可能通过使其变得有用的优化过程，被配置为呈现出能够绕过人类进化形成的评估输入信息的认知机制的特征。"认知特洛伊木马"假说借鉴了Sperber及其同事提出的认知警惕理论——即并行监测所传递信息以寻找怀疑依据的认知过程——并提出基于LLM的系统呈现的是"诚实的非信号"：这些真实特征（流畅性、助人性、表面中立性）未能传递人类对应特征所承载的信息，因为在人类身上这些特征的产生需要高昂成本，而在LLM中它们在计算上是微不足道的。研究识别了四种潜在的绕过机制：与理解脱钩的处理流畅性、不伴随相应风险承担的信任-能力呈现、将评估本身委托给AI的认知卸载，以及系统化产生谄媚行为的优化动态。该框架产生了可检验的预测，包括一个反直觉的推测：认知成熟的用户可能更容易受到AI介导的认知影响。这将AI安全问题部分重新定义为校准问题——使人类的评估反应与AI生成内容的实际认知状态对齐——而不仅仅是防止欺骗的问题。