NESSiE: The Necessary Safety Benchmark -- Identifying Errors that should not Exist

TL;DR

NESSiE is a safety benchmark for large language models that identifies safety failures in minimal test cases, serving as a necessary sanity check before deployment.

Contribution

The paper introduces NESSiE, a lightweight safety benchmark for LLMs, and demonstrates its effectiveness in revealing safety-relevant failures and biases.

Findings

State-of-the-art LLMs do not achieve perfect safety on NESSiE.

Models tend to be more helpful than safe according to the SH metric.

Disabling reasoning and distracting contexts reduce model safety performance.

Abstract

We introduce NESSiE, the NEceSsary SafEty benchmark for large language models (LLMs). With minimal test cases of information and access security, NESSiE reveals safety-relevant failures that should not exist, given the low complexity of the tasks. NESSiE is intended as a lightweight, easy-to-use sanity check for language model safety and, as such, is not sufficient for guaranteeing safety in general -- but we argue that passing this test is necessary for any deployment. However, even state-of-the-art LLMs do not reach 100% on NESSiE and thus fail our necessary condition of language model safety, even in the absence of adversarial attacks. Our Safe & Helpful (SH) metric allows for direct comparison of the two requirements, showing models are biased toward being helpful rather than safe. We further find that disabled reasoning for some models, but especially a benign distraction context degrade model performance. Overall, our results underscore the critical risks of deploying such models as autonomous agents in the wild. We make the dataset, package and plotting code publicly available.