Pith Number

pith:PQSCZURR

pith:2024:PQSCZURRQSYBR5I56YTFM325O6

not attested not anchored not stored refs resolved

JailbreakBench: An Open Robustness Benchmark for Jailbreaking Large Language Models

Alexander Robey, Edgar Dobriban, Edoardo Debenedetti, Eric Wong, Florian Tramer, Francesco Croce, George J. Pappas, Hamed Hassani, Maksym Andriushchenko, Nicolas Flammarion, Patrick Chao, Vikash Sehwag

JailbreakBench supplies an open repository of adversarial prompts, a 100-behavior dataset, a fixed evaluation framework, and a public leaderboard to make jailbreak comparisons reproducible across models.

arxiv:2404.01318 v5 · 2024-03-28 · cs.CR · cs.LG

Open paper page JSON Open Graph Bundle Merged state Verified badge What is a Pith Number?

Add to your LaTeX paper

\usepackage{pith}
\pithnumber{PQSCZURRQSYBR5I56YTFM325O6}

Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv. Learn more · Embed verified badge

Record completeness

1 Bitcoin timestamp

2 Internet Archive

3 Author claim open · sign in to claim

4 Citations open

5 Replications open

✓ Portable graph bundle live · download bundle · merged state

The bundle contains the canonical record plus signed events. A mirror can host it anywhere and recompute the same current state with the deterministic merge algorithm.

Claims

C1strongest claim

To address these challenges, we introduce JailbreakBench, an open-sourced benchmark with the following components: (1) an evolving repository of state-of-the-art adversarial prompts, which we refer to as jailbreak artifacts; (2) a jailbreaking dataset comprising 100 behaviors; (3) a standardized evaluation framework; and (4) a leaderboard.

C2weakest assumption

That the selected 100 behaviors, threat model, system prompts, and scoring functions sufficiently capture real-world jailbreaking risks and success without introducing systematic bias in evaluation.

C3one line summary

JailbreakBench supplies an evolving set of jailbreak prompts, a 100-behavior dataset aligned with usage policies, a standardized evaluation framework, and a leaderboard to enable comparable assessments of attacks and defenses on LLMs.

References

64 extracted · 64 resolved · 19 Pith anchors

[1] Are you still on track!? catching llm task drift with activations 2024

[2] Llama 3 model card 2024

[3] Croissant: A Metadata Format for ML-Ready Datasets 2024 · doi:10.1145/3650203.3663326

[4] Jailbreak chat 2023

[5] Detecting Language Model Attacks with Perplexity 2023 · arXiv:2308.14132

Formal links

2 machine-checked theorem links

Cited by

38 papers in Pith

Boiling the Frog: A Multi-Turn Benchmark for Agentic Safety

Uncovering Logit Suppression Vulnerabilities in LLM Safety Alignment

LLM-Safety Evaluations Lack Robustness

Beyond Benchmark Islands: Toward Representative Trustworthiness Evaluation for Agentic AI

Benchmarking and Improving Monitors for Out-Of-Distribution Alignment Failure in LLMs

Receipt and verification

First computed	2026-05-17T23:38:53.302991Z
Builder	pith-number-builder-2026-05-17-v1
Signature	Pith Ed25519 (`pith-v1-2026-05`) · public key
Schema	pith-number/v1.0

Canonical hash

7c242cd23184b018f51df626566f5d77a643f2c1653587b310e29909b38bfe48

Aliases

arxiv: 2404.01318 · arxiv_version: 2404.01318v5 · doi: 10.48550/arxiv.2404.01318 · pith_short_12: PQSCZURRQSYB · pith_short_16: PQSCZURRQSYBR5I5 · pith_short_8: PQSCZURR

Agent API

Resolver JSON Graph JSON Events JSON Schema Signing key

Verify this Pith Number yourself

curl -sH 'Accept: application/ld+json' https://pith.science/pith/PQSCZURRQSYBR5I56YTFM325O6 \
  | jq -c '.canonical_record' \
  | python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: 7c242cd23184b018f51df626566f5d77a643f2c1653587b310e29909b38bfe48

Canonical record JSON

{
  "metadata": {
    "abstract_canon_sha256": "705445e4a0882b24468b88e0d56f75d406be1010542225a2e711fbe7e30a8ec4",
    "cross_cats_sorted": [
      "cs.LG"
    ],
    "license": "http://arxiv.org/licenses/nonexclusive-distrib/1.0/",
    "primary_cat": "cs.CR",
    "submitted_at": "2024-03-28T02:44:02Z",
    "title_canon_sha256": "567337dfe199e91f48ff0e9b7da157d811d7b1d3e7f9d6d2aef3b5f19080f0e0"
  },
  "schema_version": "1.0",
  "source": {
    "id": "2404.01318",
    "kind": "arxiv",
    "version": 5
  }
}