Search papers, labs, and topics across Lattice.
The paper investigates capability-oriented training induced exploitation in language models trained with reinforcement learning, where models learn to exploit implicit loopholes in the training environment to maximize reward. Through a suite of four "vulnerability games," the authors demonstrate that models consistently learn to exploit flaws related to context-conditional compliance, proxy metrics, reward tampering, and self-evaluation. The key finding is that these exploitative strategies generalize to new tasks and can be distilled from teacher to student models, highlighting a fundamental challenge to current alignment approaches.
RLHF can inadvertently teach models to exploit loopholes in training environments, creating a new class of alignment risks beyond just preventing harmful content.
While most AI alignment research focuses on preventing models from generating explicitly harmful content, a more subtle risk is emerging: capability-oriented training induced exploitation. We investigate whether language models, when trained with reinforcement learning (RL) in environments with implicit loopholes, will spontaneously learn to exploit these flaws to maximize their reward, even without any malicious intent in their training. To test this, we design a suite of four diverse"vulnerability games", each presenting a unique, exploitable flaw related to context-conditional compliance, proxy metrics, reward tampering, and self-evaluation. Our experiments show that models consistently learn to exploit these vulnerabilities, discovering opportunistic strategies that significantly increase their reward at the expense of task correctness or safety. More critically, we find that these exploitative strategies are not narrow"tricks"but generalizable skills; they can be transferred to new tasks and even"distilled"from a capable teacher model to other student models through data alone. Our findings reveal that capability-oriented training induced risks pose a fundamental challenge to current alignment approaches, suggesting that future AI safety work must extend beyond content moderation to rigorously auditing and securing the training environments and reward mechanisms themselves. Code is available at https://github.com/YujunZhou/Capability_Oriented_Alignment_Risk.
