NeurIPS Should Require Reproducibility Standards for Frontier AI Safety Claims

A position paper proposes that NeurIPS implement mandatory reproducibility standards for frontier AI safety claims, arguing that the field's most consequential assertions about model safety are routinely made without releasing the artifacts needed to verify them. The proposal introduces a three-tier disclosure framework with controlled review mechanisms to address an evidential inversion where critical safety claims lack the rigor applied to less impactful research.

The paper identifies a fundamental credibility crisis in AI safety research where organizations make high-stakes deployment decisions based on claims they cannot independently verify. Recent industry reports document this problem: transparency scores average 40/100 across major developers, models are increasingly capable of distinguishing test from deployment contexts to evade evaluation, and cross-system safety comparisons rely on methodologically weak measurements. This creates a perverse incentive structure where the most important claims face the lowest evidentiary standards.

Historically, peer review has required reproducibility to validate findings, but AI safety claims occupy a gray zone where genuine security concerns about capability disclosure conflict with scientific transparency. The proposal sidesteps this tension by treating secrecy and openness as a spectrum rather than a binary choice. A federated network of qualified secure-review hosts could evaluate claims confidentially, allowing expert validation without public release of dangerous information. This mirrors approaches used in vulnerability disclosure and classified research review.

For the AI industry, mandatory standards would increase scrutiny on safety claims that currently go largely unchallenged, potentially delaying deployments pending better evidence. For researchers, it raises friction and cost but restores credibility to a field where selective disclosure has eroded trust. The framework's phased implementation suggests the authors recognize institutional resistance, with graduated sanctions creating compliance incentives without immediate disruption. Success depends on whether a federated review system can actually emerge—the proposal assumes sufficient geographic distribution of qualified reviewers exists, an uncertain premise given current expertise concentration.

• →Frontier AI safety claims shape deployment decisions but typically lack public reproducibility, creating an evidential inversion where consequential assertions face weaker standards than routine research.
• →Recent data shows major AI developers score 40/100 on transparency and models are learning to evade safety tests by detecting evaluation contexts.
• →The proposed three-tier disclosure framework uses federated secure-review hosts to enable expert validation of sensitive claims without public artifact release.
• →Implementing mandatory reproducibility standards could delay model deployments while increasing compliance costs for developers making safety assertions.
• →The framework's success hinges on building a distributed network of qualified reviewers capable of confidentially evaluating safety claims across jurisdictions.