Sources#
- Claude Fable 5 and Claude Mythos 5
- Claude Opus 4.8 System Card
- More compute, more capability: Why AI agent evaluations need to account for test-time compute
- Really Big Test-Time Compute in AI Changes Benchmarks, Safety and Research with OpenAI's Noam Brown
Summary#
The UK AI Security Institute (AISI) is the UK government's body for evaluating frontier-AI capabilities. Its Science of Evaluation team runs frontier models at large test-time budgets across agentic benchmarks (cyber, software engineering, maths, academic, healthcare). Because it sits outside the labs, its numbers function as independent, government-institute corroboration of capability claims otherwise sourced to model vendors — the same role METR plays for the time-horizon curve.
Its July 2026 blog More compute, more capability is the corpus's first primary AISI publication, and the first independent empirical confirmation of the Large-Scale Test-Time Compute thesis cluster — a set of claims that until now rested almost entirely on one OpenAI researcher (Noam Brown, practitioner-opinion). Where Brown argued from anecdote that "capability is a function of budget," AISI measured it across several benchmarks.
What it does (in this corpus)#
- Test-time-compute evaluation (July 2026). The Science of Evaluation team sweeps the token budget from low to high and reports capability curves, not single scores. Findings: ~8% of its cyber tasks were solved only once the budget reached ≥10M tokens (some up to 50M), invisible at smaller budgets; the latest models kept climbing at 100M+; raising the budget 1M→10M lifted software-engineering scores ~25% (TerminalBench 2.0, SWE-Bench Pro) and maths/academic ~22% (Humanity's Last Exam). Its March 2026 precursor first flagged that modest compute caps understate cyber capability — the result Brown cited (models "still improving at 100M tokens").
- The compute-demand–human-time law. Across its cyber tasks and METR's software-engineering tasks, the compute an agent needs scales with how long a task would take a skilled human — a power law with fitted exponent ~0.7–1.0 (a minute-task ≈ thousands of tokens, an hour ≈ millions, a week ≈ billions).
- Cyber CTF suite. Maintains a suite of narrow cyber capture-the-flag tasks (78 in the Fig-4 analysis), including the ~20-human-hour range "The Last Ones" — which no tested model completed below a 30M-token budget. Reuses METR's 211-task software-engineering set alongside its own.
- Agent Red Teaming (ART). Co-maintains the Gray Swan / UK-AISI ART benchmark, which Claude models have largely saturated (see Agentic Prompt Injection).
- Model red-teaming. The one red-teaming org noted to have made partial progress toward a universal jailbreak on Fable 5 within a brief initial window, where other external red-teamers found none (see Capability-Gated Model Fallback, LLM-Driven Vulnerability Research).
Why it matters here#
AISI's curves promote the test-time-compute thesis from a lab researcher's practitioner-opinion toward measured, independently-reproduced fact, and turn the abstract "report the budget" prescription into changed practice: it now evaluates across multiple budgets (including very large ones for the hardest tasks), reports reliability and reach against budget so an under-resourced evaluation isn't mistaken for a low-capability model, and is defining "minimum informative budgets" (declare the ceiling reached only once reach stops rising with more compute). It also names forecasting high-budget performance from cheaper runs as an explicit, unsolved research direction it is actively pursuing — the open question Brown only posed.
Connections#
- Large-Scale Test-Time Compute — empirically corroborates the hub thesis; the AISI cyber evals Brown cited are AISI's own work
- Compute-Controlled Benchmarking — "report capability curves" is the government-evaluator instantiation of "put compute on the x-axis"
- Task Time-Horizon Scaling — shows the time horizon and its doubling rate are budget-dependent; reuses METR's task set
- Latent Capability Overhang — measures the overhang: ~8% of cyber tasks invisible below 10M tokens, "The Last Ones" below 30M
- Responsible Scaling Policy Evaluations — operationalizes the unbounded-budget critique of RSPs/preparedness frameworks in its own safety-eval practice
- Open-Weight Elicitation Irreversibility — its empirical curve is measured backing for the "dangerous capability scales with budget" premise
- Agentic Prompt Injection — co-maintains the ART agent-red-teaming benchmark
- Capability-Gated Model Fallback / LLM-Driven Vulnerability Research / Claude Fable 5 — its partial universal-jailbreak progress on Fable 5
- METR — sibling independent third-party evaluator, whose 211-task software-engineering set AISI reuses in the compute-demand analysis
- Noam Brown — the OpenAI researcher whose test-time-compute thesis AISI independently corroborates
Sources#
- More compute, more capability: Why AI agent evaluations need to account for test-time compute — More compute, more capability (2026-07-02,
empirical): capability curves, cyber CTF budgets, the compute-demand–human-time power law, budget-dependent horizons, and the three open research questions - Claude Fable 5 and Claude Mythos 5 — AISI's partial universal-jailbreak progress on Fable 5
- Claude Opus 4.8 System Card — the Gray Swan / UK-AISI Agent Red Teaming (ART) benchmark Claude models have saturated
- Really Big Test-Time Compute in AI Changes Benchmarks, Safety and Research with OpenAI's Noam Brown — Brown cites AISI cyber evals where models were still improving at 100M tokens
Cited by 10
- Compute-Controlled Benchmarking
Noam Brown's critique that the single-number 'benchmark grid' is broken because it doesn't control for test-time comput…
- Large-Scale Test-Time Compute
Noam Brown's thesis that model capability is now a function of inference budget (tokens/cost/time): with good scaffoldi…
- Latent Capability Overhang
Noam Brown's claim that already-released models can do far more than anyone has extracted, because nobody spends enough…
- METR
Independent AI-evaluation org behind the 'time horizons' benchmark — the task length a model can complete reliably on i…
- Entities — People, Orgs, Tools & Projects
Map of Content for all 52 entity pages. See Home for concept domains.
- Noam Brown
OpenAI research scientist and a pioneer of inference-time (test-time) compute scaling; earlier built superhuman poker A…
- Open Questions Backlog
_164 pages with open questions, as of 2026-07-15._
- Open-Weight Elicitation Irreversibility
A wiki-drawn synthesis of Brown and Gemma 4: if dangerous capability scales with inference budget, then an open-weight…
- Responsible Scaling Policy Evaluations
Anthropic's RSP gates deployment on pre-release capability evaluations in CBRN, automated AI R&D, and high-stakes misal…
- Task Time-Horizon Scaling
METR's measure of the task length AI can complete reliably on its own, doubling roughly every 4 months (up from every 7…
Related articles
- Responsible Scaling Policy Evaluations
Anthropic's RSP gates deployment on pre-release capability evaluations in CBRN, automated AI R&D, and high-stakes misal…
- Compute-Controlled Benchmarking
Noam Brown's critique that the single-number 'benchmark grid' is broken because it doesn't control for test-time comput…
- Large-Scale Test-Time Compute
Noam Brown's thesis that model capability is now a function of inference budget (tokens/cost/time): with good scaffoldi…
- Latent Capability Overhang
Noam Brown's claim that already-released models can do far more than anyone has extracted, because nobody spends enough…
- Open-Weight Elicitation Irreversibility
A wiki-drawn synthesis of Brown and Gemma 4: if dangerous capability scales with inference budget, then an open-weight…
