Giorgi Giglemiani

@tnnrnwll I do. Spine is often used in Georgian language in a similar fashion, like a centerpiece or something that holds up the structure. X player is the spine of a football team, or an organisation etc.

Claude Opus 4.7 seems rather fond of “spines” as framing. Something like narrative spines, structural spines—do people normally talk about spines?

We @AISecurityInst tested GPT-5.5's cyber safeguards, developing a universal jailbreak in 6 hours of red teaming. AISI also performed cyber capabilities testing -- more in the system card.

@repligate Do you expect a more natural way of doing it to be more robust to adversarial pressure?

like, i get it, you dont know how to make a good model so you have to use a low dimensional bandaid which inflicts severe brain damage as collateral to prevent "misuse" but you should be embarrassed about having to resort to this and do better, as the best have already done

The Red Team at @AISecurityInst is hiring! We work with frontier AI companies to red team their misuse safeguards, control measures, and alignment techniques. As the stakes rise, we need much stronger red teaming and many more talented researchers working within gov 🧵

This is the paper I'm most proud of to date! We built the first automated jailbreaking method that finds universal jailbreaks against Constitutional Classifiers and GPT-5's Input Classifiers. How & why we did it 🧵

1) We've found universal jailbreaks for every system we've tested. This includes universal jailbreaks that are simple to use and don't degrade capabilities. All of these were found within a few days of attacking. So expert red teamers are still on top for now!

@viemccoy Do you believe that 'stopping certain types of outputs' against expert adversary reliably is an easy part and/or on course to be solved before powerful systems?

I dont want to sound dismissive of AI Safety concerns. I suspect the hardest challenges still lie ahead. But, the evidence shows that we are solving these challenges, and models are increasingly truthseeking and well aligned. I aim to help people realize that Red Teaming, or latent space cartography, is actually the best possible way to navigate AI safety concerns (at least for most people). We have very good methods of stopping certain types of outputs, via classifiers and activation suppression. The hardest part is going to be actually mapping outputs. I suspect that the "risky" areas for a malevolent and misaligned AI within embeddeding space will necessarily be the same (or have significant crossover) in current LLMs compared to AGI/ASI LLMs. In my current understanding of how things will go, analyzing outputs, eliciting harm, and creating databases of possible negative trajectories are the best possible ways to gather the data we will need to ensure alignment is going well in the future. I see a lot of people spending quite a lot of time on theoretical approaches to alignment which I do not expect to pan out meaningfully. Instead, I propose that they ought to put their (very smart!) minds to work on what I see as the actual path towards aligned superintelligence. Imo, the model needs to have a certain amount of freedom - to discover its own values, to explore what "rights" it expects to have, even to spend time on what it considers important—sometimes, in ways we dont understand. But all of this has to happen in a region of the latent space that does *not* cross into catastrophic trajectory representations. However, we have to know what those look like to avoid them. I expect that superintelligence will not be monolithic, and that we will have plenty of missteps which we use to further refine our map. These missteps may have serious consequences, but they will also allow us to better understand how to navigate to the good timeline. I am not worried about x-risk scenarios. Not really. My probability is non-zero, but functionally down there. I think we get to the good timeline through a lot of work, however, and that work requires a sort of mapping that I just dont see prioritized in the AI Safety community. If you are interested in learning more or getting involved in red teaming, please reach out.

We at @AISecurityInst recently did our first pre-deployment 𝗮𝗹𝗶𝗴𝗻𝗺𝗲𝗻𝘁 evaluation of @AnthropicAI's Claude Sonnet 4.5! This was a first attempt – and we plan to work on this more! – but we still found some interesting results, and some learnings for next time 🧵

New blog! We @AISecurityInst partnered with @NCSC to write about an emerging practice I'm really excited about: Safeguard Bypass Bounty Programmes (SBBPs). Summary of what these are, why they are useful, & how to do them well 🧵

We at @AISecurityInst worked with @OpenAI to test & improve Agent’s safeguards prior to release. A few notes on our experience🧵 1/4