Diffusion models have been widely studied for removing unsafe content learned during pre-training. Existing methods require expensive supervised data, either unsafe-text paired with safe-image groundtruth or negative/positive image pairs, making them impractical to scale. Furthermore, offline reinforcement learning and supervised fine-tuning approaches that generate synthetic data offline suffer from catastrophic forgetting, degrading generation quality. We propose a novel online reinforcement learning framework that addresses both data scarcity and model degradation through post-training with Group Relative Policy Optimization (GRPO) on both negative and positive text prompts. To eliminate the need for fine-tuning specialized safe/unsafe reward models, we introduce a \textit{steering reward mechanism} that exploits an inherent property of CLIP embeddings: steering text representations toward positive safety directions and away from negative ones in the embedding space. Our online-policy approach enables the model to learn from diverse prompts, including explicit unsafe content, without catastrophic forgetting. Extensive experiments demonstrate that our method reduces inappropriate content to 18.07\% (vs. 48.9\% for SD v1.4) and nudity detections to 15 (vs. 646 baseline) while improving compositional generation quality from 42.08\% to 47.83\% on GenEval. Remarkably, these safety gains generalize to out-of-domain unsafe prompts across seven harm categories, achieving state-of-the-art performance without supervised paired data or reward tuning. Github: https://github.com/MAXNORM8650/SafeDiffusion-R1.

翻译：扩散模型在去除预训练阶段学习的不安全内容方面已得到广泛研究。现有方法需要昂贵的监督数据，要么是配对不安全文本与安全图像的真实标注，要么是负/正图像对，这使得它们难以规模化应用。此外，离线强化学习和监督微调方法通过离线生成合成数据，会遭受灾难性遗忘，从而降低生成质量。我们提出一种新颖的在线强化学习框架，通过在后训练阶段对负向和正向文本提示运用组相对策略优化，同时解决了数据稀缺和模型退化两大问题。为消除对专用安全/不安全奖励模型微调的需求，我们引入了一种导向奖励机制，该机制利用了CLIP嵌入的固有属性：在嵌入空间中，将文本表示导向正向安全方向并远离负向不安全方向。我们的在线策略方法使模型能够从包括显式不安全内容在内的多样化提示中学习，且不会发生灾难性遗忘。大量实验表明，我们的方法将不当内容降至18.07%（对比SD v1.4的48.9%），裸体检测降至15次（基线为646次），同时在GenEval上的组合生成质量从42.08%提升至47.83%。值得注意的是，这些安全收益可泛化至七个危害类别的域外不安全提示，无需监督配对数据或奖励调优即可实现最先进的性能。Github：https://github.com/MAXNORM8650/SafeDiffusion-R1。