AIToday

Researchers discover that testing AI safety requires multiple attempts—single tests miss 30-50% of jailbreak vulnerabilities

arXiv cs.CLApr 22, 20262 min read

Summaries like this, in your inbox every morning.

Sign up free →

3 Key Points

  1. Computer scientists at multiple institutions ran tests on large language models (AI systems trained to follow instructions) using the JailbreakBench dataset to measure how often they could be tricked into producing harmful outputs. They found that asking the AI the same question just once misses most jailbreak attempts—but asking 5-10 times reveals significantly more vulnerabilities that a single test would have hidden.

  2. The gap is largest when jumping from one attempt to five attempts. Testing five times instead of one catches most additional harmful behaviors; testing 50 times adds almost nothing new. This means AI safety teams can audit models efficiently without needing to run hundreds of expensive tests per question.

  3. Companies and labs shipping AI products now know they cannot rely on single-pass safety checks. Slack, OpenAI, Anthropic, and other firms that certify their models as 'safe' must increase their testing budgets—what looked like a passing grade on one attempt may fail on five. This affects how quickly new AI features ship and how much safety validation costs.

Discussion

No comments yet. Be the first to share your thoughts!

Log in to join the discussion

Related Articles

Stay ahead with AI news

Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.

Get Started Free

Free · takes 30 seconds · unsubscribe anytime

1 minute a day. The AI essentials.

200+ sources · Email / LINE / Slack

Get it free →