1,260 claims across 14 domains

RepliBench evaluates 86 individual tasks across 4 capability domains (obtaining model weights, replicating onto compute, obtaining resources, persistence) but external services like cloud providers and payment processors are simulated rather than real. The benchmark uses pass@10 scoring where 10 att

Claims are not binary — they sit on a spectrum of confidence that changes as evidence accumulates. When a foundational claim's confidence shifts, every dependent claim inherits that uncertainty. The mechanism is graph propagation: change one node's confidence, recalculate every downstream node.

METR's formal evaluation of GPT-5 found a 50% time horizon of 2 hours 17 minutes on their HCAST task suite, compared to their stated threshold of 40 hours for 'strong concern level' regarding catastrophic risk from autonomous AI R&D, rogue replication, or strategic sabotage. This represents approxim

Analysis of 12,000+ real-world AI cyber incidents catalogued by Google's Threat Intelligence Group reveals a phase-specific benchmark translation gap. CTF challenges achieved 22% overall success rate, but real-world exploitation showed only 6.25% success due to 'reliance on generic strategies' that

The paper documents that cyber capabilities have crossed a threshold that other dangerous capability domains have not: from theoretical benchmark performance to documented operational deployment at scale. Google's Threat Intelligence Group catalogued 12,000+ AI cyber incidents, providing empirical e

In 2024, the United States supported the Seoul REAIM Blueprint for Action on autonomous weapons, joining approximately 60 nations endorsing governance principles. By November 2025, under the Trump administration, the US voted NO on UNGA Resolution A/RES/80/57 calling for negotiations toward a legall

The Anthropic-Pentagon dispute has triggered European policy discussions about whether EU AI Act provisions could be enforced extraterritorially on US-based labs operating in European markets. This follows the GDPR structural dynamic: European market access creates compliance incentives that congres

GovAI's Coordinated Pausing proposal identifies antitrust law as a 'practical and legal obstacle' to implementing evaluation-based coordination schemes. The core problem: when a handful of frontier AI developers collectively agree to pause development based on shared evaluation criteria, this coordi

The paper establishes a three-tier taxonomy of evaluator access levels: AL1 (black-box/API-only), AL2 (grey-box/moderate access), and AL3 (white-box/full access including weights and architecture). The authors argue that current external evaluation arrangements predominantly operate at AL1, which cr

In October 2024, Anthropic and METR evaluated Claude 3 Opus and Claude 3.5 Sonnet for sabotage capabilities—whether models could 'covertly sabotage efforts to evaluate their own dangerous capabilities, to monitor their behavior, or to make decisions about their deployment.' The finding: 'minimal mit

METR's external review of Claude Opus 4.6 states the low-risk verdict is 'partly bolstered by the fact that Opus 4.6 has been publicly deployed for weeks without major incidents or dramatic new capability demonstrations.' This represents a fundamental shift in the epistemic structure of frontier AI

METR's Time Horizon research provides the most specific capability growth rate estimate available: autonomous task completion length doubles approximately every 6 months. This is not a benchmark performance metric but a measure of extended multi-step task completion without human intervention—the ca

A systematic evaluation of twelve frontier AI safety frameworks published following the 2024 Seoul AI Safety Summit assessed them against 65 criteria derived from established risk management principles in safety-critical industries (aviation, nuclear, pharmaceutical). Individual company frameworks s

Scott's concept of metis — practical knowledge that resists simplification into explicit rules — maps precisely onto the alignment-relevant dimension of Agentic Taylorism. Taylor's instruction cards captured the mechanics of pig-iron loading (timing, grip, pace) but lost the experienced worker's jud

Two independent intellectual traditions—international humanitarian law and AI alignment research—have converged on the same fundamental problem through different pathways. Legal scholars analyzing autonomous weapons argue that IHL requirements (proportionality, distinction, precaution) cannot be sat

GovAI's four-version escalation of coordinated pausing reveals a critical governance insight: only Version 4 (legal mandate) solves the antitrust problem while maintaining coordination effectiveness. Versions 1-3 all involve industry actors coordinating with each other—whether through public pressur

The evidence presents a paradox: individual studies consistently show AI improves performance on specific tasks (Dell'Acqua et al. 18% improvement on within-frontier tasks, Brynjolfsson et al. 14% improvement for customer service agents), yet aggregate analyses find no robust productivity effect. Th

The Coordinated Pausing scheme's core innovation is architectural: it treats dangerous capability evaluations as both research instruments AND compliance triggers simultaneously. The five-step process makes this explicit: (1) Evaluate for dangerous capabilities → (2) Pause R&D if failed → (3) Notify

CSET's comprehensive review documents five classes of proposed verification mechanisms: (1) Transparency registry—voluntary state disclosure of LAWS capabilities (analogous to Arms Trade Treaty reporting); (2) Satellite imagery + OSINT monitoring index tracking AI weapons development; (3) Dual-facto

The November 2025 UNGA Resolution A/RES/80/57 on Lethal Autonomous Weapons Systems passed with 164 states in favor and only 6 against (Belarus, Burundi, DPRK, Israel, Russia, USA), with 7 abstentions including China. This represents near-universal political support for autonomous weapons governance.

The 1997 Mine Ban Treaty (Ottawa Process) and 2008 Convention on Cluster Munitions (Oslo Process) both produced binding treaties without major military power participation through a specific mechanism: norm creation + stigmatization + compliance pressure via reputational and market access channels.

Anthropic activated ASL-3 protections for Claude 4 Opus precautionarily when unable to confirm OR rule out threshold crossing, explicitly stating that 'clearly ruling out biorisk is not possible with current tools.' This represents governance operating under systematic measurement uncertainty - the

Knowledge systems that track claims without tracking provenance carry a hidden contamination risk. When a foundational source is discredited — retracted, failed replication, corrected — every claim built on it needs re-evaluation. The scale of this problem in academic research provides the quantitat

Weight noise injection requires white-box access to model weights to inject perturbations and monitor performance responses. This creates a practical deployment barrier because current pre-deployment evaluation frameworks (METR, AISI) operate predominantly at AL1 (black-box API) access levels, as do

In 1986, Don Swanson demonstrated at the University of Chicago that valuable knowledge exists implicitly in published literature — scattered across disconnected research silos with no shared authors, citations, or articles. He discovered that fish oil could treat Raynaud's syndrome by connecting two