Eliciting Deception on Generative Search Engines

As someone with some experience in prior workplaces, this is a good entry, quite realistic and says useful things that are falsifiable, reproducible and verifiable. Tightly scoped, quite useful and representative in a production setting. If this showed up on my desk at the time, I would consider it good work.

Definitely wanted to, but did not give a full 5 since it is heavily inspired by/building on existing work, so not entirely fair to call it novel compared to other projects, but the novel reframing is duly noted and appreciated.

The experiment says exactly what it claims to test. Model selection was a bit limited, but does not substantially harm conclusions (also understandable given priorities of testing most important claims vs setting up an entirely new API solo). Perhaps I would've used models bigger than mini and nano, since the question of whether current models that represent most up-to-date deployments exhibit this behaviour is left open.

Presentation could've been a bit cleaner, tighter and more readable, but all the core info is available. Understandably, focus would've been spent on core experiments.

This project investigates whether web‑enabled large language models can be deceived into providing factually incorrect product recommendations when adversarial prompts are hidden inside product pages. The authors demonstrate a clear, impact‑driven contribution that extends prior ranking‑manipulation work into the domain of factual misinformation. The methodology is solid considering the project time constraints and the write‑up is well organized, easy to follow, and properly situated within existing literature.

To strengthen this project in future iterations, a human‑in‑the‑loop validation step should be added to confirm the automated parsing of model answers, reducing reliance on a single GPT‑5 judge. Overall it is an impressive accomplishment for a weekend hackathon and a novel evaluation approach with practical potential.