Large language model (LLM)-driven robotic systems operating in unknown environments lack formal safety guarantees, particularly regarding the safe execution of high-level LLM-generated commands as low-level control actions. Method: This paper proposes a data-driven reachability analysis framework that verifies command safety without requiring an exact system dynamics model. It integrates historical trajectory modeling, construction of a safe state set, LLM command interpretation, control-action mapping, and formal verification to achieve closed-loop safety assurance. Contribution/Results: To our knowledge, this is the first work to introduce data-driven reachability analysis into LLM-robot collaborative control systems, overcoming the limitations of conventional model-dependent verification approaches. Experimental evaluation demonstrates that the framework achieves 100% interception of unsafe commands, ensures full-trajectory safety coverage, and significantly reduces boundary violations and collision risks.

The deployment of Large Language Models (LLMs) in robotic systems presents unique safety challenges, particularly in unpredictable environments. Although LLMs, leveraging zero-shot learning, enhance human-robot interaction and decision-making capabilities, their inherent probabilistic nature and lack of formal guarantees raise significant concerns for safety-critical applications. Traditional model-based verification approaches often rely on precise system models, which are difficult to obtain for real-world robotic systems and may not be fully trusted due to modeling inaccuracies, unmodeled dynamics, or environmental uncertainties. To address these challenges, this paper introduces a safety assurance framework for LLM-controlled robots based on data-driven reachability analysis, a formal verification technique that ensures all possible system trajectories remain within safe operational limits. Our framework specifically investigates the problem of instructing an LLM to navigate the robot to a specified goal and assesses its ability to generate low-level control actions that successfully guide the robot safely toward that goal. By leveraging historical data to construct reachable sets of states for the robot-LLM system, our approach provides rigorous safety guarantees against unsafe behaviors without relying on explicit analytical models. We validate the framework through experimental case studies in autonomous navigation and task planning, demonstrating its effectiveness in mitigating risks associated with LLM-generated commands. This work advances the integration of formal methods into LLM-based robotics, offering a principled and practical approach to ensuring safety in next-generation autonomous systems.