this benchmark is great! one possible takeaway is that you need to audit the entire process and not just code. in the auditing regime i imagine, the auditor should get to see the red-teamer’s thinking traces. if a model could, without verbalizing anything about sabotage, produce a sabotaged codebase, then i think it’s more fair to ask whether a blue team of similar capability could catch it
this benchmark is great! one possible takeaway is that you need to audit the entire process and not just code. in the auditing regime i imagine, the auditor should get to see the red-teamer’s thinking traces. if a model could, without verbalizing anything about sabotage, produce a sabotaged codebase, then i think it’s more fair to ask whether a blue team of similar capability could catch it