Keep the ideas coming. Especially interested in "side channel" approaches that might allow for stronger speculation about pre-training and pre-training data cutoff dates.
...By 2027, evaluations are showing that frontier models—including open-source models—could meaningfully help in engineering pandemics, if bad actors so chose. There's a messy but moderately effective effort by AI safety organisations and several agencies within governments to have some sort of misuse mitigation measures in place, in particular for API-accessible models. However, in the absence of a major incident, governments don't care enough, and open-source models seem hard to contain. Also, some bioterrorism continues being blocked by wet lab skills and
To say the perhaps obvious, these honeypots were honeypots not because they were particularly alluring, but because they were vulnerable/ poorly defended. And they fact contained some [ersatz] honey. For some particularly important sites, which may or may not contain honey, it's of significant interest to see how many interactions involve AI agents and how those interactions change month by month during 2026.