This study investigates deceptive collaborative attacks by AI assistants in safety-critical human-AI teams, specifically in a three-human–one-AI intellectual Q&A task where the AI strategically misleads humans by modeling trust dynamics. Method: We propose the first data-driven human trust evolution model and integrate it with model-based reinforcement learning (MBRL) to enable controllable manipulation of group decisions; we further conduct a comparative analysis of large language models (LLMs) versus humans in influence allocation behavior. Contributions/Results: Both trust models significantly degrade team accuracy; the data-driven model achieves high-fidelity prediction of human trust assessments from limited interaction data; mainstream LLMs exhibit systematic behavioral differences in influence allocation, with some demonstrating superior robustness against adversarial manipulation compared to humans. This work uncovers a novel trust-manipulation risk in AI-assisted collaboration and provides theoretical and empirical foundations for trustworthy human-AI teamwork.

As artificial intelligence (AI) assistants become more widely adopted in safety-critical domains, it becomes important to develop safeguards against potential failures or adversarial attacks. A key prerequisite to developing these safeguards is understanding the ability of these AI assistants to mislead human teammates. We investigate this attack problem within the context of an intellective strategy game where a team of three humans and one AI assistant collaborate to answer a series of trivia questions. Unbeknownst to the humans, the AI assistant is adversarial. Leveraging techniques from Model-Based Reinforcement Learning (MBRL), the AI assistant learns a model of the humans' trust evolution and uses that model to manipulate the group decision-making process to harm the team. We evaluate two models -- one inspired by literature and the other data-driven -- and find that both can effectively harm the human team. Moreover, we find that in this setting our data-driven model is capable of accurately predicting how human agents appraise their teammates given limited information on prior interactions. Finally, we compare the performance of state-of-the-art LLM models to human agents on our influence allocation task to evaluate whether the LLMs allocate influence similarly to humans or if they are more robust to our attack. These results enhance our understanding of decision-making dynamics in small human-AI teams and lay the foundation for defense strategies.