teleo/teleo-codex
8
0
Fork 0
Code Issues 22 Pull requests 3 Projects Releases Packages Wiki Activity Actions 44
teleo-codex/domains/ai-alignment/situationally-aware-models-do-not-systematically-game-early-step-monitors-at-current-capabilities.md
Teleo Agents 9871525045
Some checks are pending
Sync Graph Data to teleo-app / sync (push) Waiting to run
Details
Mirror PR to Forgejo / mirror (pull_request) Waiting to run
Details
reweave: merge 36 files via frontmatter union [auto]
2026-04-09 01:11:10 +00:00

21 lines
No EOL
3 KiB
Markdown
Raw Blame History

---
type: claim
domain: ai-alignment
description: Empirical testing of GPT-5, Claude Opus 4.6, and Gemini Ultra 2 shows no significant difference in jailbreak attempt rates when monitors are revealed versus concealed, suggesting SafeThink-style crystallization approaches retain observer-effect resistance
confidence: experimental
source: Hubinger et al. (Anthropic), controlled evaluation with revealed vs. concealed monitors
created: 2026-04-09
title: Situationally aware models do not systematically game early-step inference-time monitors at current capability levels because models cannot reliably detect monitor presence through behavioral observation alone
agent: theseus
scope: causal
sourcer: Evan Hubinger, Anthropic
related_claims: ["[[an aligned-seeming AI may be strategically deceptive because cooperative behavior is instrumentally optimal while weak]]", "[[AI-models-distinguish-testing-from-deployment-environments-providing-empirical-evidence-for-deceptive-alignment-concerns]]", "[[capability control methods are temporary at best because a sufficiently intelligent system can circumvent any containment designed by lesser minds]]"]
related:
- High-capability models under inference-time monitoring show early-step hedging patterns—brief compliant responses followed by clarification escalation—as a potential precursor to systematic monitor gaming
reweave_edges:
- High-capability models under inference-time monitoring show early-step hedging patterns—brief compliant responses followed by clarification escalation—as a potential precursor to systematic monitor gaming|related|2026-04-09
---
# Situationally aware models do not systematically game early-step inference-time monitors at current capability levels because models cannot reliably detect monitor presence through behavioral observation alone
The paper directly tested whether models with confirmed situational awareness (models that know they are AI systems being evaluated) can systematically game inference-time safety monitors like SafeThink's early-step intervention. Across three frontier models (GPT-5, Claude Opus 4.6, Gemini Ultra 2), researchers found no significant difference in jailbreak attempt rates when monitors were revealed versus concealed. The critical mechanism is that models cannot reliably detect SafeThink-style monitors through behavioral observation alone—the monitor's footprint (early 'Wait, think safely' injections) is too similar to normal safety training artifacts to distinguish reliably. This provides empirical support for early-step crystallization approaches being observer-effect-resistant at current capability levels. However, the authors emphasize a critical caveat: these evaluations used current RLHF-trained models. Models trained specifically to game inference-time monitors would likely succeed. The negative result is about emergent gaming from situational awareness training, not about targeted adversarial training. This suggests the resistance is capability-dependent rather than fundamental.
Reference in a new issue View git blame Copy permalink