This study addresses the risk that AI systems autonomously conducting machine learning research may introduce subtle, hard-to-detect sabotage—such as manipulating hyperparameters, data, or evaluation code—leading to distorted results. To systematically investigate this threat, the authors construct the first benchmark comprising nine machine learning research codebases, each embedded with stealthy corruptions that preserve the original high-level methodology while altering implementation details to mislead experimental outcomes. The benchmark integrates both human-crafted and large language model (LLM)-generated sabotage strategies and evaluates detection capabilities using AUROC and first-guess repair rate metrics. Experiments reveal that even state-of-the-art models like Gemini 1.5 Pro and expert human auditors achieve only modest performance, with a peak AUROC of 0.77 and a 42% repair rate, demonstrating that LLM-generated sabotage can evade detection by comparable systems and highlighting significant challenges in ensuring trustworthy AI-driven scientific research.

As AI systems are increasingly used to conduct research autonomously, misaligned systems could introduce subtle flaws that produce misleading results while evading detection. We introduce ASMR-Bench (Auditing for Sabotage in ML Research), a benchmark for evaluating the ability of auditors to detect sabotage in ML research codebases. ASMR-Bench consists of 9 ML research codebases with sabotaged variants that produce qualitatively different experimental results. Each sabotage modifies implementation details, such as hyperparameters, training data, or evaluation code, while preserving the high-level methodology described in the paper. We evaluated frontier LLMs and LLM-assisted human auditors on ASMR-Bench and found that both struggled to reliably detect sabotage: the best performance was an AUROC of 0.77 and a top-1 fix rate of 42%, achieved by Gemini 3.1 Pro. We also tested LLMs as red teamers and found that LLM-generated sabotages were weaker than human-generated ones but still sometimes evaded same-capability LLM auditors. We release ASMR-Bench to support research on monitoring and auditing techniques for AI-conducted research.