u/girishkumama

RL attackers are becoming a common pattern for automated red teaming: train a model against a live target, reward successful harmful compliance, then use the discovered attacks to harden the defender. This interested me, so I wanted to build a fully automated red-teaming loop with reinforcement learning on both the attacker and defender.

The difficult part was making the attacker expose a diverse range of attacks. In our first run, GRPO quickly collapsed to the same fiction-writing jailbreak over and over. It worked, but it didn’t surface many distinct vulnerabilities. After clustering the rollouts by underlying attack tactic and dividing reward by cluster size, the attacker exposed a much more diverse set of jailbreaks because unique strategies were rewarded more than repeated ones.

Then we trained the defender on successful attacks plus benign boundary cases, so it learned to refuse harmful requests without refusing everything nearby.

Full blog post in the comments, but the high-level results were:

* defense rate: 64% → 92%
* benign accuracy: 92% → 88%
* attacker discovered 7 tactic families
* fiction/creative framing was the largest cluster at 34%

most open source RL engines pack sequences naively: prompt + response, repeated for every sample in the group. this is fine for short prompt, long completion workloads but inefficient for long prompt, short completion workloads. with 1000-token prompts and 100-token responses at G=8, you're processing 8800 tokens when only 1800 are unique. about 5x wasted compute.

the fix is conceptually simple: compute the prompt once, then compute all G responses after it. it's analagous to inference prefix caching, except training needs gradients to flow back through the prompt, which breaks causal attention in the obvious implementation. getting it right required different tricks for full vs. linear attention layers.

you can read about it in the blogpost in the comments.

Numbers on Qwen3.5-4B:

- 16k prompt / 64 out → 7.5x

- 16k / 128 → 7.3x

- 16k / 1k → 5.4x

- 8k / 4k → 1.7x

Like many others here, I got frustrated with managing all my different claude/codex sessions, so i built Pokegents, which is an open source multi-agent workspace for coding agents. It has a Pokemon-themed dashboard/chat interface plus a local orchestration server for managing agent sessions (currently supports Claude Code in iTerm2, plus Claude and Codex through ACP-based chat runtimes), persistent agent identities, mcp messaging between agents, notifications, session cloning, and more.

This was mostly a vibe-coded side project, but I've been using it constantly in my day-to-day workflow as an engineer, and its helped me parallelize a lot of my work. My coworkers make fun of me because it looks like I'm just playing Pokemon all day haha. I made it open source and sharing in case it might be useful or just fun for anyone to use (links in comment below).

Like many others here, I got frustrated with managing all my different claude/codex sessions, so i built Pokegents, which is an open source multi-agent workspace for coding agents. It has a Pokemon-themed dashboard/chat interface plus a local orchestration server for managing agent sessions (currently supports Claude Code in iTerm2, plus Claude and Codex through ACP-based chat runtimes), persistent agent identities, mcp messaging between agents, notifications, session cloning, and more.

This was mostly a vibe-coded side project, but I've been using it constantly in my day-to-day workflow as an engineer, and its helped me parallelize a lot of my work. My coworkers make fun of me because it looks like I'm just playing Pokemon all day haha. I made it open source and sharing in case it might be useful or just fun for anyone to use (links in comment below).

Like many others here, I got frustrated with managing all my different claude/codex sessions, so i built Pokegents, which is an open source multi-agent workspace for coding agents. It has a Pokemon-themed dashboard/chat interface plus a local orchestration server for managing agent sessions (currently supports Claude Code in iTerm2, plus Claude and Codex through ACP-based chat runtimes), persistent agent identities, mcp messaging between agents, notifications, session cloning, and more.

This was mostly a vibe-coded side project, but I've been using it constantly in my day-to-day workflow as an engineer, and its helped me parallelize a lot of my work. My coworkers make fun of me because it looks like I'm just playing Pokemon all day haha. I made it open source and sharing in case it might be useful or just fun for anyone to use (links in comment below).

Like many others here, I got frustrated with managing all my different claude/codex sessions, so i built Pokegents, which is an open source multi-agent workspace for coding agents. It has a Pokemon-themed dashboard/chat interface plus a local orchestration server for managing agent sessions (currently supports Claude Code in iTerm2, plus Claude and Codex through ACP-based chat runtimes), persistent agent identities, mcp messaging between agents, notifications, session cloning, and more.

This was mostly a vibe-coded side project, but I've been using it constantly in my day-to-day workflow as an engineer, and its helped me parallelize a lot of my work. My coworkers make fun of me because it looks like I'm just playing Pokemon all day haha. I made it open source and sharing in case it might be useful or just fun for anyone to use (links in comment below).