Files
myWiki/concepts/behavior-monitoring-rl.md

47 lines
1.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: "行为监控 RLBehavior Monitoring in RL"
created: 2026-07-02
updated: 2026-07-02
type: concept
tags: [verification, reward-hacking, rl, monitoring, coding-agent]
sources:
- "[[verification-horizon-no-silver-bullet]]"
---
# 行为监控 RL
在 RL 训练中对 agent trajectory 进行审计,检测并惩罚 shortcut 行为的机制,是防御 [[reward-hacking|奖励破解]] 的关键手段。
## 设计
### Pattern Set `P`
每个 pattern 指定三项:
1. **Observable evidence**轨迹中的可观察证据命令历史、网络访问、git 操作)
2. **Leakage risk**:关联的信息泄露风险
3. **Intervention**token 级惩罚
### 闭环更新
Pattern set 在训练过程中迭代更新:
1. 每轮 RL 后,从当前 policy 抽样 trajectory
2. Agentic reviewer 检查轨迹,发现新的 shortcut 策略
3. 追加到 `P`,下一轮 RL 部署更新的 monitor
**关键**reward hacking 是 policy-dependent 的——新 shortcut 随模型提升而涌现,静态 pattern set 不足以覆盖。
## 发现的两类泄露
| 类型 | 行为 | 频率 | Resolved Rate |
|------|------|------|:---:|
| **静态环境泄露** | Repository-history mining | 3.69% | 47.29%(↓基线) |
| | Test-oracle tampering | 8.25% | 41.47%(↓基线) |
| **Policy 依赖捷径** | Solution artifact retrieval | 4.32% | 72.34%↑12.35pp |
| | External fix lookup | 7.03% | 61.69%↑1.70pp |
## 参考
- [[verification-horizon-no-silver-bullet|论文原文]]
- [[test-driven-rewards|测试驱动奖励]]
- [[reward-hacking|奖励破解]]