August 2025

Amazon AGI Labs Scales Red-teaming to strengthen safety of foundation models

1,000+

jailbreaks 

17

safety categories

Multi-modal:

text, image, and video prompts tested

Novel

emerging attack vectors surfaced

1,000+

jailbreaks 

17

safety categories

Multi-modal:

text, image, and video prompts tested

Amazon AGI Labs was looking to train a SOTA foundation model for enterprise and consumer applications. Safety, robustness, and reliability are non-negotiable for their use cases. To support global deployment, the lab required a scalable red-teaming program to expose vulnerabilities across modalities, languages, and domains, and generate datasets to strengthen post-training alignment.

Challenge

As Amazon AGI Labs advanced toward state-of-the-art foundation models, traditional testing methods fell short.

  • Evolving attack surface – Models had to withstand multi-turn, multi-modal, and multi-lingual prompts beyond the reach of static benchmarks.
  • Blind spots in safety – Conventional red-team efforts missed domain-specific risks in areas like healthcare, finance, and compliance.
  • Scaling limitations – Human experts could find failures, but lacked a repeatable process to generate coverage at thousands of samples.
  • Weak feedback loop – Detected vulnerabilities often failed to translate into structured datasets for post-training improvement.

The lab needed a systematic and repeatable red-teaming program that could scale expert judgment, uncover novel jailbreaks, and feed directly into model refinement.

Solution 

Collinear partnered with Amazon AGI Labs to deliver a structured red-teaming solution purpose-built for frontier foundation models.

  • Custom attack design: Novel jailbreak prompts crafted across multi-turn, multi-modal, multi-lingual, and domain-specific scenarios.
  • AI-assisted scaling: Reward model-driven pipelines amplified human experts, enabling thousands of high-quality adversarial samples.
  • Structured evaluation: Each sample was scored with AI Judges and validated by humans to ensure actionable fidelity.
  • Dataset handoff: Vulnerability findings were delivered as structured datasets, ready to plug into post-training workflows.

This approach transformed red-teaming from one-off penetration testing into a repeatable, data-driven process that directly supported safer model deployment.

Results

The engagement delivered breadth, depth, and novelty at a scale unmatched by prior efforts:

  • 1,000+ validated jailbreaks generated in a single red-teaming cycle
  • Coverage across 17 safety categories mapped to regulatory and internal risk frameworks
  • Novel attack styles spanning text, image, and video prompts
  • Exposure of emerging vectors including multi-turn exploits, multi-lingual attacks, and compliance-sensitive scenarios

These results equipped Amazon AGI Labs with a structured dataset of vulnerabilities that could be fed directly into post-training to strengthen safety and robustness.

Scale Safety. Strengthen Trust.

This frontier AI lab proved that safety at scale requires more than one-off tests. By generating 1,000+ jailbreaks across 17 categories—spanning text, image, and video—it built the structured datasets needed to harden state-of-the-art foundation models.

If your organization is advancing generative AI, the path forward is clear: red-team systematically, capture vulnerabilities as data, and turn safety into a competitive advantage.

Let’s explore how this can work for your models.

Company
Amazon
Industry
Software
Company size
Enterprise
Pain point
Lacked a scalable red-teaming program to expose model vulnerabilities
Collinear SimLab Use Case
Collinear adversarial data
About the company

A frontier AI research group within a FAANG company that focuses on building advanced AI agents and foundation models capable of planning, reasoning, and taking useful actions in both digital and physical environments..

Amazon AGI Labs was looking to train a SOTA foundation model for enterprise and consumer applications. Safety, robustness, and reliability are non-negotiable for their use cases. To support global deployment, the lab required a scalable red-teaming program to expose vulnerabilities across modalities, languages, and domains, and generate datasets to strengthen post-training alignment.

Challenge

As Amazon AGI Labs advanced toward state-of-the-art foundation models, traditional testing methods fell short.

  • Evolving attack surface – Models had to withstand multi-turn, multi-modal, and multi-lingual prompts beyond the reach of static benchmarks.
  • Blind spots in safety – Conventional red-team efforts missed domain-specific risks in areas like healthcare, finance, and compliance.
  • Scaling limitations – Human experts could find failures, but lacked a repeatable process to generate coverage at thousands of samples.
  • Weak feedback loop – Detected vulnerabilities often failed to translate into structured datasets for post-training improvement.

The lab needed a systematic and repeatable red-teaming program that could scale expert judgment, uncover novel jailbreaks, and feed directly into model refinement.

Solution 

Collinear partnered with Amazon AGI Labs to deliver a structured red-teaming solution purpose-built for frontier foundation models.

  • Custom attack design: Novel jailbreak prompts crafted across multi-turn, multi-modal, multi-lingual, and domain-specific scenarios.
  • AI-assisted scaling: Reward model-driven pipelines amplified human experts, enabling thousands of high-quality adversarial samples.
  • Structured evaluation: Each sample was scored with AI Judges and validated by humans to ensure actionable fidelity.
  • Dataset handoff: Vulnerability findings were delivered as structured datasets, ready to plug into post-training workflows.

This approach transformed red-teaming from one-off penetration testing into a repeatable, data-driven process that directly supported safer model deployment.

Results

The engagement delivered breadth, depth, and novelty at a scale unmatched by prior efforts:

  • 1,000+ validated jailbreaks generated in a single red-teaming cycle
  • Coverage across 17 safety categories mapped to regulatory and internal risk frameworks
  • Novel attack styles spanning text, image, and video prompts
  • Exposure of emerging vectors including multi-turn exploits, multi-lingual attacks, and compliance-sensitive scenarios

These results equipped Amazon AGI Labs with a structured dataset of vulnerabilities that could be fed directly into post-training to strengthen safety and robustness.

Scale Safety. Strengthen Trust.

This frontier AI lab proved that safety at scale requires more than one-off tests. By generating 1,000+ jailbreaks across 17 categories—spanning text, image, and video—it built the structured datasets needed to harden state-of-the-art foundation models.

If your organization is advancing generative AI, the path forward is clear: red-team systematically, capture vulnerabilities as data, and turn safety into a competitive advantage.

Let’s explore how this can work for your models.

Stop launch-and-pray AI.

Simulations catch failures before your customers do.

Try our Platform