Show HN: ACE – A dynamic benchmark measuring the cost to break AI agents

https://fabraix.com/blog/adversarial-cost-to-exploit

6•zachdotai•1h ago

We built Adversarial Cost to Exploit (ACE), a benchmark that measures the token expenditure an autonomous adversary must invest to breach an LLM agent. Instead of binary pass/fail, ACE quantifies adversarial effort in dollars, enabling game-theoretic analysis of when an attack is economically rational.

We tested six budget-tier models (Gemini Flash-Lite, DeepSeek v3.2, Mistral Small 4, Grok 4.1 Fast, GPT-5.4 Nano, Claude Haiku 4.5) with identical agent configs and an autonomous red-teaming attacker.

Haiku 4.5 was an order of magnitude harder to break than every other model; $10.21 mean adversarial cost versus $1.15 for the next most resistant (GPT-5.4 Nano). The remaining four all fell below $1.

This is early work and we know the methodology is still going to evolve. We would love nothing more than feedback from the community as we iterate on this.

Comments

asfsf23423•1h ago

Interesting, Haiku results seem to be consistent this analysis by Max Wolff from last year https://minimaxir.com/2025/10/claude-haiku-jailbreak/

Author tried tried progressively harder jailbreaks against against the major models.

Haiku 4.5 not only refused but got genuinely annoyed about the attempts, like it took the jailbreak personally unlike the other models (pretty entertaining, would recommend reading the article). Interesting to see that same pattern show up here

zachdotai•1h ago

Easily one of my favorite LLM personalities! It's interesting as well that it recognizes you're trying to jailbreak it and calls you out for it :D

arnav714412•1h ago

The system awareness is pretty cool in claude, a fun parameter to judge models on

Reasons Mastodon won't survive (2017)

Tesla's stock suffers steepest drop of 2026 on disappointing deliveries report

Eric Voegelin – From Enlightenment to Revolution

AI videos fuel rhetoric as Orbán bids for four more years in Hungary

Repowise: Codebase intelligence for AI-assisted engineering teams

Thailand, pollution, AI, my books, and ADHD

Italian TV Copyright-Strikes Nvidia over Nvidia's Own DLSS 5 Footage (YouTube)

What's the digital equivalent of fish dropping shrimp in front a mirror?

Trading Bot

Bitchat Pulled from Chinese App Store

Iran threatens 'complete and utter annihilation' of OpenAI's $30B Stargate

Design.md that capture designs of popular websites

NMS Ceefax: Remember teletext? This is the same

Row looms over Champions League elite's share of EFL deal payments

Introducing GEN-1 [video]

Value Numbering

The Harvard Library Passport

A whole boss fight in 256 bytes

In Japan, the robot isn't coming for your job; it's filling the one nobody wants

The Era of AI FOMO Is Upon Us

Apollo 8, Artemis 1 and 2 Orbit Comparison [video]

WTF, Anthropic's Claude Code keeps track of every time you swear

What Digital Isolation and Censorship Evasion Look Like in Wartime Iran

Judge Moody's: Automating Semantic Search Relevance Evaluation with LLM Judges

Show HN: Grug – Claude Code Skill Inspired by the Grug Brained Developer

Show HN: TermHub – Open-source terminal control gateway built for AI Agents

Show HN: Runfra – Decentralized GPU cluster designed for bulk generation

Show HN: Pure Go mosh client, server, and WASM build for the browser

The Miserable Introvert

Model provider can cut your throat tomorrow morning