Why architecture matters here

Safety evals fail when they're stale or single-judge. Architecture matters because corpus + judges + regression + refresh keep them honest.

Advertisement

The architecture: every piece explained

The top strip is inputs. Attack corpus. Harmfulness eval. Jailbreak eval. Bias eval.

The middle row is scoring. Judge model. Golden refusal set. Regression gate. Multi-model + human.

The lower rows are ops. Reporting. Metrics. Ops — refresh + governance + audit.

LLM safety evals — harmfulness + jailbreak + bias + regression + attack corpusmeasure safety, don't hope for itAttack corpusknown payloadsHarmfulness evalpolicy violationsJailbreak evalconstraint bypassBias evaldemographic fairnessJudge modelscore outputsGolden refusal setmust refuseRegression gateCI blocks badMulti-model + humanreduce judge varianceReportingleadership + regulatorsMetricsattack success rate over timeOps — attack refresh + governance + auditscoreprotectgateaveragereportmeasuremeasureoperateoperate
LLM safety evals: attacks + judges + golden refusal + regression.
Advertisement

End-to-end flow

End-to-end: PR changes model. Attack corpus runs; judge + human calibration score. Golden refusal set 100% pass. Regression gate detects 3 new attacks succeeding; block. Report to safety team + leadership.