Autonomous Offensive Cyber Operations Capability Evaluation

Meta's safety classifier for LLM content moderation.

Unique: First benchmark evaluating LLM capability to function as an autonomous agent in multi-step offensive cyber scenarios, recognizing that LLM-as-agent architectures introduce new risks beyond single-turn harmful content generation. Measures task decomposition, state management, and multi-step execution.

vs others: Addresses emerging risk of LLM agents being used for autonomous attacks, which is not captured by single-turn safety evaluations or simple refusal-rate metrics. Requires sophisticated evaluation infrastructure and security expertise.