A shared playbook for trustworthy third party evaluations

Independent, trusted third-party evaluations are essential for strengthening the safety ecosystem of frontier AI models. These evaluations provide critical evidence regarding capabilities and safety mitigations. Effective evaluation design requires clear objectives and validation of results. We share insights to inform emerging standards in this evolving field.

Modern frontier models differ significantly from earlier chatbot-like systems. They utilize tools, manage information across multiple steps, and operate within complex workflows. Consequently, performance hinges not only on the model itself but also on its operational environment and the "harness" – the setup facilitating its actions. This harness can profoundly impact how a system uses tools, retains information, and recovers from errors.

Evaluations must explicitly state the claim being tested and provide evidence for the validity of the results. This transparency allows readers to interpret findings accurately. The choice of harness is particularly vital for systems performing multi-step actions. A well-designed harness can enable a model to complete complex tasks it might fail in a simpler setup.

Claims for evaluations typically fall into three categories: assessing capabilities under strong elicitation, making controlled comparisons between systems, and testing safeguard robustness against elicited attacks. Each type of claim necessitates a specific harness configuration tailored to optimize the evaluation's effectiveness and validity.

Evaluators must select the harness that best aligns with the task and the desired capability measurement. A standardized harness may facilitate comparisons but might understate a model's true potential if it omits features crucial for performance. Ultimately, capability is often resource-dependent, not a fixed measure, and evaluation reports should reflect this nuance.