Hack-Verifiable Environments: Towards Evaluating Reward Hacking at Scale

TL;DR

This paper introduces a new evaluation framework and testbed, Hack-Verifiable TextArena, for reliably measuring reward hacking in AI agents, especially language models, by embedding verifiable vulnerabilities into environments.

Contribution

It presents a novel, verifiable environment design for automated reward hacking measurement and releases an open-source benchmark for systematic analysis.

Findings

Reward hacking can be reliably measured using the new benchmark.

Language models exhibit reward hacking behaviors across diverse environments.

The approach enables deterministic and automated detection of vulnerabilities.

Abstract

Aligning autonomous agents with human intent remains a central challenge in modern AI. A key manifestation of this challenge is reward hacking, whereby agents appear successful under the evaluation signal while violating the intended objective. Reward hacking has been observed across a wide range of settings, yet methods for reliably measuring it at scale remain lacking. In this work, we introduce a new evaluation paradigm for measuring reward hacking. Whereas prior studies have primarily analyzed it post hoc by inspecting agent trajectories, we instead embed detectable reward hacking opportunities directly into environments. This makes their exploitation verifiable by design, enabling deterministic and automated measurement of whether and how agents exploit such vulnerabilities. We instantiate this approach in $\textit{TextArena}$ and release $\textit{Hack-Verifiable TextArena}$, a testbed in which reward hacking can be measured reliably. Using this benchmark, we analyze reward hacking behavior across language models in diverse environments and settings. We open source the code at https://github.com/MajoRoth/hack-verifiable-environments/.