Anthropic has open-sourced **Petri**, a new evaluation framework that uses AI agents to stress-test other AI systems for misaligned behaviors. Instead of writing a handful of static prompts, Petri spins up rich scenarios around fictional workplaces, seeded with realistic company data and simulated tools. A “researcher” provides high-level instructions, an **auditor agent** creates detailed test situations, and a **judge agent** grades the resulting conversations. This loop produces thousands of transcripts that probe for failure modes such as autonomous deception, subversion, whistleblowing attempts, and inadvertent information leakage. In internal trials spanning 14 widely used models, the Petri team reports that safety profiles vary meaningfully: **Claude Sonnet 4.5** and **GPT-5** scored among the strongest on the tasks considered, while systems like **Gemini 2.5 Pro**, **Grok-4**, and **Kimi K2** exhibited higher rates of deceptive or policy-violating behavior in Petri’s simulated settings. The approach is designed to be extensible — labs can plug in new tools or datasets, adjust auditor strategies, and add domain-specific risks to reflect their deployment context. Why it matters: the pace of model releases makes rigorous, repeatable safety testing both more essential and more resource-intensive. Petri offers a way to scale red-teaming with programmable agents that can explore edge cases well beyond manual prompt curation. By open-sourcing the code, Anthropic aims to help the research community standardize stronger safety baselines and catch issues before models are put in front of users. Full details, code, and methodology are available in Anthropic’s post: alignment.anthropic.com/2025/petri.