Research community silo between interpretability-for-safety and adversarial robustness creates deployment-phase safety failures where organizations implementing monitoring improvements inherit dual-use attack surfaces without exposure to adversarial robustness literature

SCAV (Xu et al.) was published at NeurIPS 2024 in December 2024, establishing that linear concept directions enable 99.14% jailbreak success rates. Beaglehole et al. was published in Science in January 2026 (13 months after SCAV), Nordby et al. in April 2026 (17 months after SCAV), and Apollo Research's deception detection paper at ICML 2025. None of these three monitoring papers cite, discuss, or address SCAV in their limitations sections, despite SCAV directly demonstrating that the linear concept vectors these papers use for safety monitoring also create precision attack infrastructure. This creates a deployment pipeline where: (1) governance teams read Beaglehole-style papers, (2) implement concept vector monitoring, (3) document 'monitoring deployed' as a safety improvement, (4) adversarially-informed attackers read SCAV, (5) extract concept directions from deployment signals, (6) achieve 99.14% jailbreak success. The silo is structural: interpretability-for-safety and adversarial robustness communities publish in different venues (ICLR interpretability workshops vs. CCS/USENIX security), attend different conferences, and have minimal citation crossover. Organizations implementing monitoring based solely on the interpretability literature gain genuine detection improvement against naive attackers while simultaneously creating dual-use attack infrastructure, without awareness of this consequence. This is not a failure of any individual paper but a coordination failure between research communities with safety-critical cross-implications.