Recently efforts have been made by social media platforms as well as researchers to detect hateful or toxic language using large language models. However, none of these works aim to use explanation, additional context and victim community information in the detection process. We utilise different prompt variation, input information and evaluate large language models in zero shot setting (without adding any in-context examples). We select three large language models (GPT-3.5, text-davinci and Flan-T5) and three datasets - HateXplain, implicit hate and ToxicSpans. We find that on average including the target information in the pipeline improves the model performance substantially (~20-30%) over the baseline across the datasets. There is also a considerable effect of adding the rationales/explanations into the pipeline (~10-20%) over the baseline across the datasets. In addition, we further provide a typology of the error cases where these large language models fail to (i) classify and (ii) explain the reason for the decisions they take. Such vulnerable points automatically constitute 'jailbreak' prompts for these models and industry scale safeguard techniques need to be developed to make the models robust against such prompts.

翻译：近期，社交媒体平台及研究人员尝试利用大语言模型检测仇恨性或攻击性语言。然而，现有研究均未在检测过程中引入解释性说明、额外语境及受害者群体信息。本研究采用不同的提示变体与输入信息，在零样本设定下（不添加任何上下文示例）评估大语言模型性能。我们选取三种大语言模型（GPT-3.5、text-davinci与Flan-T5）及三个数据集（HateXplain、implicit hate与ToxicSpans）。实验发现，将目标群体信息纳入检测流程后，模型性能在各数据集上较基线平均提升约20-30%；引入推理/解释性内容后，性能较基线亦有显著提升约10-20%。此外，我们进一步建立了错误案例类型学，具体分析大语言模型在以下方面的失效情形：（1）分类错误；（2）无法解释决策依据。此类脆弱点自动构成模型的"越狱"提示，亟需开发工业级防护技术以增强模型对此类提示的鲁棒性。