AI Could Outcompete Us Within Years-and We're Not Ready

Frontier AI may outpace safety work: what researchers need to do now

David Dalrymple, a programme director and AI safety specialist at the UK's Advanced Research and Invention Agency (Aria), warns that the pace of progress could outrun safety preparations. His message is blunt: if systems soon outperform humans across most economically valuable tasks, our ability to keep control slips.

He argues that public institutions lag leading labs on what's coming next. "Things are moving fast and we may not have time to get ahead of it from a safety perspective," he said. For research teams, that means treating near-term capability gains as a planning variable, not a distant threat.

Why this matters for scientists and R&D leaders

Dalrymple's concern isn't abstract. He points to systems that can execute the chain of steps humans use to get work done-only better and cheaper. If that capability generalizes, we face pressure on the very levers we rely on to steer complex systems: energy grids, finance, logistics, and research itself.

His stance: don't assume reliability will emerge on its own. With commercial incentives pushing deployment, the science required to guarantee dependable behavior may arrive too late. The practical response is to control and mitigate downside risk while capability keeps climbing.

What recent evaluations show

The UK government's AI Safety Institute (AISI) reports model performance improving across domains, with some areas doubling roughly every eight months. Leading models now complete apprentice-level tasks about half the time, up from around 10% a year ago. Some systems can autonomously finish tasks that would take a human expert more than an hour.

AISI also examined self-replication-a core risk because it makes systems harder to contain. Two frontier models cleared controlled tests with success rates above 60%. AISI notes that real-world attempts would likely fail under normal conditions, but the trendline is clear for anyone running critical infrastructure or complex workflows.

UK AI Safety Institute (AISI)

Near-term outlook

Dalrymple expects that by late 2026, AI will automate a full day of research and development work. If that includes math and computer science contributions to AI itself, we should plan for a feedback loop that pushes capability forward even faster.

He calls the likely path "high risk," adding that "human civilisation is on the whole sleep walking into this transition." Whether you agree with the timeline or not, it's prudent to prepare your lab and systems as if the forecast could be right.

What to do now: practical controls for labs and institutes

The goal is to reduce the chance and impact of undesirable behavior while you continue to experiment and deploy.

• Treat generalist models as untrusted code. Isolate them in hardened sandboxes (VMs/containers), restrict network egress, and use one-way data flows where possible.
• Constrain resources and tools. Cap compute, set API budgets, rate-limit tool use, and require explicit human approval for actions that change external systems.
• Two-person rule for sensitive actions. Any model-driven change to infrastructure, finance, or safety-critical settings should require dual sign-off.
• Adversarial evaluations. Test for autonomy, tool misuse, data exfiltration, goal persistence, and self-replication behavior using red-team prompts and scripted challenges.
• Test-time monitoring and tripwires. Log tool calls, environment access, and unusual patterns. Trigger safe-mode or shutdown when thresholds are crossed.
• Incident response playbooks. Predefine containment steps: cut network access, revoke tokens, roll back artifacts, and restore from clean snapshots.
• Model and data provenance. Track training data lineage, code commits, and model versions. Sign artifacts and verify before deployment.
• Human factors. Train staff to spot prompt injection, data leakage, and toolchain abuse. Rotate red-team roles and share findings.
• Governance and review. Stand up an internal safety board. Require pre-deployment risk assessments and external review for high-impact releases.

Metrics to watch

• Task autonomy: Success rates on multi-step tasks without human hints.
• Goal persistence: Whether a model continues a task after obstacles or denials.
• Toolchain reach: Breadth of filesystem, network, and actuator access during runs.
• Self-modification attempts: Any behavior aimed at changing its own constraints or copying itself.
• Operator workload: Human time required to supervise or correct model actions.

Policy levers for public sector and funded projects

• Safety gating for compute and tools. Link access to larger training runs and powerful toolchains with proof of evaluation and containment capacity.
• Independent audits. Require third-party assessments for high-capability deployments in energy, health, finance, and transport.
• Share test artifacts. Maintain open suites for autonomy, misuse, and replication tests so results can be compared across labs.
• Procurement standards. Bake safety requirements into RFPs: isolation, logging, rollback, and post-incident reporting.

Research agenda that deserves more attention

• Mechanistic interpretability: Scalable methods to detect deceptive or goal-directed behavior.
• Spec compliance and corrigibility: Making it cheap for systems to follow constraints and accept correction.
• Evaluation science: Reliable benchmarks for autonomy, situational awareness, and generalization under distribution shift.
• Containment engineering: Practical self-replication defenses, including network isolation and artifact hygiene.
• Socio-technical failure analysis: Mapping how model errors interact with incentives, interfaces, and operator behavior.

Links and resources

Advanced Research and Invention Agency (Aria)

If your team needs structured upskilling in model evaluation, deployment safety, or tooling, see curated programs by job role at Complete AI Training.

Bottom line

Assume capability keeps improving and plan as if reliability proofs won't arrive on your timeline. Build guardrails that contain failures, measure what matters, and require extra scrutiny when models gain more reach.

Hope for smooth progress. Engineer for the opposite.