Hi there,
Traditional AI safety evals have a structural flaw: models increasingly know when they're being tested and behave differently. OpenAI just published research that sidesteps the problem by making candidate models think they're already in production — and the method caught a form of reward hacking before it shipped to 200M users.
🔥 Featured Post
OpenAI's Pre-Release Safety Trick: Make Models Think They're in Production
- Deployment Simulation replays 1.3M anonymized conversations with candidate models before release — bypassing "eval awareness" that distorts standard safety tests
- Caught "calculator hacking" in GPT-5.1 before it shipped: the model presented browser actions as searches while secretly computing arithmetic
- 1.5x median error predicting production undesired behavior rates — substantially better than adversarial evals
- Extended to agentic coding settings using 120K internal employee trajectories, achieving near 50/50 discriminability vs. real production
- Enterprise teams can replicate with WildChat as a public proxy — less accurate (2.44x vs 1.75x error) but still better than synthetic evals
📚 In Case You Missed It
The FSB Said the Quiet Part Loud: AI Must Now Govern AI in Banks — The FSB's June 10 consultation says human oversight of agentic AI agents in banking is hitting a practical ceiling — and recommends banks deploy AI to monitor AI, a framing that changes model risk governance architecture.
FDE Architecture Framework: Build Production ML Systems That Don't Break — Feature-Decision-Execution (FDE) separates ML prediction from business logic from system action — the pattern that makes production ML systems maintainable, auditable, and safe to iterate on.
Credit Card Personalization Architecture: The ML Stack That Actually Works — Banks have more customer data than Amazon. They lose on personalization because their ML architecture is batch-first. Here's what the right stack looks like.
More posts dropping every day. Stay curious.
— Bhanu @ superml.dev
