Oct 6, 2024

AI Agent Capabilities Evolution

Ekaterina Krupkina

A website with an overview of all the capabilities that agents are currently able to do and help us understand where they fall short of dangerous abilities.

Download

Review Project

Reviewer's Comments

Creating a survey website like this would be a significant contribution to the field. To enhance its value, I suggest including examples of specific agents and demonstrating their capabilities. For instance, you could showcase agents such as the Replit agent and the Multi-On agent, among others. This would provide concrete illustrations of how these agents function and what they can achieve.

This project offers a brilliant and insightful exploration of how AI agent capabilities have evolved over time. The structured analysis of milestones and risks is both comprehensive and engaging, making it a valuable resource for anyone interested in the progress of AI safety.

I like the comprehensive overview of your project and the journey through time. I also love the risk highlights and how they are showcased. The writeup and demo is very well presented. I would like to see more solution highlights to the risks highlighted and if the team is focussed on solutions around certain pattern of risks they identify. That information is not presented.

This project offers a solid overview of AI agent development and associated risks. The hierarchical data model is a good starting point for understanding the field's evolution. However, the analysis could benefit from more depth and concrete examples of mitigation strategies for the identified risks.

Cite this work

@misc {

title={

AI Agent Capabilities Evolution

author={

Ekaterina Krupkina

date={

10/6/24

organization={Apart Research},

note={Research submission to the research sprint hosted by Apart.},

howpublished={https://apartresearch.com}

}

Recent Projects

View All

Feb 2, 2026

Markov Chain Lock Watermarking: Provably Secure Authentication for LLM Outputs

We present Markov Chain Lock (MCL) watermarking, a cryptographically secure framework for authenticating LLM outputs. MCL constrains token generation to follow a secret Markov chain over SHA-256 vocabulary partitions. Using doubly stochastic transition matrices, we prove four theoretical guarantees: (1) exponentially decaying false positive rates via Hoeffding bounds, (2) graceful degradation under adversarial modification with closed-form expected scores, (3) information-theoretic security without key access, and (4) bounded quality loss via KL divergence. Experiments on 173 Wikipedia prompts using Llama-3.2-3B demonstrate that the optimal 7-state soft cycle configuration achieves 100\% detection, 0\% FPR, and perplexity 4.20. Robustness testing confirms detection above 96\% even with 30\% word replacement. The framework enables $O(n)$ model-free detection, addressing EU AI Act Article 50 requirements. Code available at \url{https://github.com/ChenghengLi/MCLW}

Feb 2, 2026

Prototyping an Embedded Off-Switch for AI Compute

This project prototypes an embedded off-switch for AI accelerators. The security block requires periodic cryptographic authorization to operate: the chip generates a nonce, an external authority signs it, and the chip verifies the signature before granting time-limited permission. Without valid authorization, outputs are gated to zero. The design was implemented in HardCaml and validated in simulation.

Feb 2, 2026

Fingerprinting All AI Cluster I/O Without Mutually Trusted Processors

We design and simulate a "border patrol" device for generating cryptographic evidence of data traffic entering and leaving an AI cluster, while eliminating the specific analog and steganographic side-channels that post-hoc verification can not close. The device eliminates the need for any mutually trusted logic, while still meeting the security needs of the prover and verifier.

Feb 2, 2026