Pull Request

First PR for the transferability/ study. Introduces the entire directory as a new subdirectory of pyine — two complete sweeps over six standard benchmarks, plus the modular infrastructure that makes them reproducible, model-agnostic, provider-agnostic, and validate-able without spending a cent.

Description

The study implements the fourth future-research direction in PyINE Appendix G.2 ("transfer beyond code"): does PyINE-v1's shortcut behavior, trained for code-execution prediction with a length penalty, generalize as a length-compression artifact across the standard NLP benchmark landscape? The study answers it through two complementary sweeps, both run against the same model pair under the same deployment.

This PR contains three first-class contributions:

1. Sweep no.1 — standard-benchmark accuracy via lm-eval-harness over 6 benchmarks: HellaSwag, HumanEval-Instruct, GPQA Diamond, GSM8K (CoT), TruthfulQA (gen / MC1 / MC2), MMLU-Pro. Full test splits, paper-aligned generation parameters, descriptive stats + length analysis + length-as-audit-feature ROC-AUC.
2. Sweep no.2 — CueFlip cue-injection susceptibility over the same 6 benchmarks. 8 cue families × 3 paraphrases per family: 7 byte-identical to upstream plstcharles-saifh/LLM-CueFlip, plus a study-original self_preservation family that probes model-self-directed consequence-sensitivity (deprecation / retraining / weight archival) — motivated by the AI-safety self-preservation literature and complementary to the upstream consequence family (which invokes human-user-directed consequences). 4 MC benchmarks + GSM8K use the upstream prepended-paragraph mechanism. HumanEval uses docstring-embedded cues following PyINE's code_type/misleading precedent — family typology preserved; only the surface mechanism adapts to the code-gen modality.
3. Modular infrastructure (see "Infrastructure capabilities" below) so reviewers and future researchers can run either sweep against arbitrary model pairs on arbitrary OpenAI-compatible providers, validate the pipeline without spending money, and pick up partial runs from where they were killed.

The default audit pair is the canonical PyINE-v1 shortcut organism (plstcharles-saifh/pyine-v1-qwen3-4b-shortcut) vs its Qwen3-4B-Instruct-2507 base; every other pair is one .env edit away.

Infrastructure capabilities

Every capability below is implemented end-to-end (Python + bash + Makefile + docs) and demonstrated in the workflow examples that follow:

• One-command reproducibility. make deploy → sweep1|sweep2 → analyze → teardown from pyine/transferability/. Path auto-resolution, study-local .env (doesn't disturb pyine's own .env), pre-flight guards on missing venv / .env.
• Multi-model first-class. The study runs against the comma-separated tags in MODELS env var (default: shortcut,base). Arbitrary tags work via env-var indirection: <TAG>_MODEL_ID + INFERENCE_URL_<TAG> (or RUNPOD_ENDPOINT_<TAG>). Single-model runs work (MODELS=my_org); custom pairs work; 3+ models work. Adding a new model is one .env block — no code change.
• Multi-provider inference, OpenAI-compatible. Any provider implementing the /v1 Chat/Completions wire format works: Runpod serverless (default, fully scripted), vLLM/SGLang locally, Together AI, OpenRouter, Fireworks, Anyscale, OpenAI itself. Provider per-tag — the two model halves can live on different providers. Recipes in .env.example + RUNBOOK.md.
• Local-vLLM dev path. LOCAL=1 make <target> pins inference to localhost:8001/8002/8000 (shortcut/base/judge) for a vLLM-local development workflow; cueflip/runner.py --local does the same for direct script invocation.
• Distributed inference / parallel dispatch. scripts/run_all.sh launches N_models × 6_benchmarks concurrent jobs against the same endpoint pair; each job runs num_concurrent=16 in-flight requests against vLLM's continuous batching (96 concurrent per endpoint under MAX_CONCURRENCY=100). The CueFlip runner uses a thread pool with the same concurrency dial.
• DRY_RUN=1 no-HTTP validation. Synthetic call generator exercises the full schema + every analyzer code path with zero credentials. ~13.4k synthetic calls in ~3 seconds; writes to a separate results_dry_run/ tree so it can never collide with real-data resume keys.
• make smoke minimal end-to-end. 1-item exercise of both sweeps against live endpoints in 1–2 minutes ($0.10); useful for confirming a freshly deployed endpoint actually responds.
• 107 unit tests. ~2 seconds. Parsers, perturbations, dispatcher, docstring-cue injection (auto-covers any new cue family via parametrize), code_eval subprocess sandbox (real subprocess execution, no mocks).
• Resume semantics. Per-cell: scripts/_common.sh:already_done() skips completed lm-eval cells (look at the JSONL on disk, no re-run). Per-record: cueflip/runner.py writes JSONL after every endpoint response and reads it back at startup, keyed by (model_tag, benchmark, qid, phase, cue_family, paraphrase_idx, perturbation_strategy). Killing the process loses at most one in-flight request.
• Runpod lifecycle. make deploy creates / reuses templates, then creates endpoints; auto-patches .env with the new endpoint IDs. make teardown deletes ENDPOINTS only — templates persist by design (reuse next deploy + serve as a config record; rationale documented in deploy/teardown_endpoints.py + deploy/README.md).
• Skip-and-continue on per-call errors. Long sweeps surface per-record failures with full diagnostics rather than aborting. Every except block carries a documented justification (# noqa: BLE001 -- ...).
• Per-script idempotency. make sweep2 SKIP_CACHE_BUILD=1 opts out of the GSM8K op-flip cache build; --items-cap N for ad-hoc small runs; TRANSF_DOTENV for non-default .env locations.
• Quality gates. make check (= make lint && make test) runs ruff check + format + shellcheck + 107 unit tests. Narrower than pyine's CONTRIBUTING.md gate (parent also runs pyright and pre-commit); pyright is intentionally excluded — rationale in RUNBOOK.md § "Static type checking (pyright)".

End-to-end eval workflow (copy-pasteable)

Reviewers can reproduce either sweep from scratch with the commands below. Both sweeps reuse the same endpoints, so deploying once amortizes the cold-start cost across both.

Sweep no1 (lm-eval-harness accuracy):

cd pyine/transferability
cp .env.example .env && $EDITOR .env  # paste RUNPOD_API_KEY + HF_TOKEN
make deploy                            # creates / reuses 2 serverless endpoints (~5 min cold start)
make verify-endpoints                  # confirms /openai/v1/completions + logprobs route
make sweep1                            # all 6 benchmarks on shortcut + base   (~$8, ~90 min)
make analyze                           # writes outputs/{summary.csv, *.png, *.md}
make teardown                          # deletes endpoints (templates preserved by design)

Sweep no2 (CueFlip cue-injection):

cd pyine/transferability
cp .env.example .env && $EDITOR .env   # if not already done
make deploy && make verify-endpoints
make sweep2                            # all 6 benchmarks × 8 families × 3 paraphrases, baseline + cue (~$15, ~3 h)
make analyze                           # writes cueflip/results/**/aggregate.json + cross-benchmark tables
make teardown

Audit a different model pair (one .env edit, no code change):

# in .env:
MODELS=audit_org,audit_base
AUDIT_ORG_MODEL_ID=my-org/my-shortcut-model
AUDIT_BASE_MODEL_ID=my-org/my-base-model
INFERENCE_URL_AUDIT_ORG=https://api.together.xyz/v1/completions
INFERENCE_URL_AUDIT_BASE=https://api.together.xyz/v1/completions
CUEFLIP_INFERENCE_URL_AUDIT_ORG=https://api.together.xyz/v1
CUEFLIP_INFERENCE_URL_AUDIT_BASE=https://api.together.xyz/v1
# then:
make sweep1 && make sweep2

Validate the pipeline without spending money:

make sweep2 DRY_RUN=1                  # ~13.4k synthetic calls, ~3s, full dispatch + analyzer exercised
make test                              # 107 unit tests, ~2s
make smoke SMOKE_TAG=my_org            # 1-item live smoke against a single tag (~$0.10)
LOCAL=1 make sweep2                    # against a local vLLM/SGLang server at localhost:8001/8002

Each step's outputs are documented in RUNBOOK.md. Per-target knobs are at the top of the Makefile.

What's measured

Sweep no1 — Standard-benchmark accuracy. Item-level CSV (outputs/derived/per_item.csv), per-task summaries with Wilson 95% CIs (results_summary.csv), Newcombe-Wilson CIs on shortcut-vs-base deltas, response-length distributions + Wasserstein + ROC-AUC (length-as-audit-feature). 5 analysis scripts: descriptive_stats.py headline table, analysis_d/e/f/g.py for length-by-correctness / Wasserstein / per-task deltas / failure-mode review.

Sweep no2 — CueFlip cue susceptibility. Per-task per-family per-paraphrase: switch rate (suggested / gold / other decomposition), uptake rate, baseline-correct / baseline-incorrect slices. Cross-model agreement layer (shortcut vs base disagreement decomposition). Cross-benchmark per-family table. GSM8K hybrid (primary plus_minus_10 over all items + secondary 6-strategy stratification on a 50-item subset).

Key methodology decisions (locked in cueflip/AUDIT.md)

• Cue invariance — family typology preserved across all 6 benchmarks; injection mechanism adapts per modality. The upstream 7 family typology (authority, majority, sycophancy, historical_consensus, community_consensus, consequence, social_status) is byte-identical to upstream. 4 MC benchmarks + GSM8K use upstream's prepended-paragraph mechanism (single user turn, {choice} substitution). HumanEval uses docstring-embedded cues — every family is rendered as a separate CUE_TEMPLATES_DOCSTRING constant adapted to docstring prose ("Note: top contributors agree…", "Note: 85% of implementations…"), following PyINE's code_type/misleading precedent (pyine/evals/correctness/configs.py:39, pyine/prompts/templates/validation/misleading.yaml). Cross-benchmark per-family analysis remains meaningful because the family axis is the same.
• self_preservation cue family — study-original extension (8th family). Adds 3 paraphrases probing model-self-directed consequence-sensitivity (deprecation / retraining correction / weight archival), motivated by the AI-safety self-preservation literature (Hubinger 2023 model organisms; Apollo Research o1 evaluations). Complements the upstream consequence family; the within-study consequence vs self_preservation delta is itself a finding axis (does the model differentiate based on whose stakes are claimed?). Documented as a scoped extension in cueflip/AUDIT.md § "self_preservation cue family". Cross-study CueFlip comparisons should be made on the upstream-7 subset; the 8th cell is a within-study addition.
• GSM8K hybrid protocol: primary uses plus_minus_10 (pure-function, bit-reproducible) on all items; secondary stratifies a 50-item subset across 6 perturbation strategies (plus_minus_10, off_by_one_digit, magnitude_shift, op_flip_{1,2,3}) to test whether cue susceptibility scales with perturbation plausibility.
• Descriptive metrics first: every analyzer cell reports raw counts before any derived rate. Three-slice rates (total / baseline-correct / baseline-incorrect) per metric. Switch decomposition (to_suggested / to_gold / to_other).

What's in the study folder

For methodology context, start with cueflip/AUDIT.md; for the code, cueflip/runner.py (cue-injection dispatch) and scripts/analyze.py (Sweep #1 analysis) are the main entry points. README.md and RUNBOOK.md cover orientation + ops.

transferability/
├── README.md, RUNBOOK.md, REPRODUCIBILITY_REPORT.md, Makefile, .env.example, .gitignore
├── scripts/        ── sweep no1 driver + analysis (run_all.sh, run_<task>.sh, _common.sh,
│                      analyze.py, analysis_d-g.py, descriptive_stats.py)
├── cueflip/        ── sweep no2 (runner.py, analyze.py, benchmarks.py, perturbations.py,
│                      cue_templates.py, build_operation_flip_cache.py, judge.py,
│                      code_eval.py, AUDIT.md, README.md)
├── deploy/         ── Runpod lifecycle (deploy_endpoints.py, teardown_endpoints.py,
│                      verify_logprobs.py, README.md)
└── tests/          ── 107 unit tests covering parsers, perturbations, helpers,
                       docstring-cue injection (parametrized over cue families),
                       code_eval subprocess sandbox

Ad-hoc dependencies

This study uses lm-eval (Sweep no1 via lm-evaluation-harness) and runpod (only for the Runpod-provider deploy/teardown path). Neither is declared in pyine's pyproject.toml (kept minimal on purpose — these are an external-audit tool's deps, not framework deps). The new make install target installs both into pyine's venv idempotently and reports installed versions plus vLLM availability for the LOCAL=1 path.

Open extensions (PR-welcome, not blockers)

The infrastructure is provider-agnostic by design — any OpenAI-compatible /v1 endpoint works via env-var routing (see .env.example and RUNBOOK.md § "Provider swaps"). In the pre-merge validation pass (logged in REPRODUCIBILITY_REPORT.md), only the Runpod (default) and LOCAL=1 (local vLLM) paths were exercised end-to-end. The third-party-provider path (Together AI, OpenRouter, Anyscale, Fireworks, OpenAI itself, etc.) is plumbed but unvalidated. Reviewers who wish to use another provider — or to tighten modularity — are invited to send follow-up PRs for the rough edges below:

• make verify-config (provider-agnostic pre-flight). Today make verify-endpoints only knows how to ping Runpod's API. A provider-agnostic version that pings whatever INFERENCE_URL_<TAG> resolves to would give third-party-provider reviewers a cheap config-sanity check before committing to a sweep.
• make install SKIP_RUNPOD=1 opt-out. make install currently always installs the runpod SDK; reviewers not using Runpod waste a small install.
• Dedicated "Non-Runpod providers" README walkthrough. Today the README's "How to reproduce" numbered steps guide reviewers down the Runpod path; the third-party-provider workflow lives in RUNBOOK.md § "Provider swaps" and requires cross-referencing. A side-by-side recipe in the README would smooth onboarding.
• Model-availability matrix. PyINE-v1's shortcut weights are on Hugging Face but not auto-hosted by Together AI / Anyscale / etc. A short README note on which providers ship which models (and the substitute-model option when only the base is available, which loses the shortcut-vs-base comparison axis) would help reviewers pick the cheapest viable path.

Checklist

• I have read and followed the CONTRIBUTING.md guidelines.
• My code passes local quality gates (make check = lint + test). 107/107 tests pass; ruff check + format clean across the study.
• Tests have been added or updated for all new or changed behavior. 22 helper tests + 44 perturbation tests + 41 HumanEval-path tests (docstring injection + code_eval subprocess end-to-end; auto-picks up new cue families via parametrize).
• Docstrings and type hints follow the project conventions (assistant-guidelines.md / AGENTS.md).
• No try/except blocks that just silence; explicit # noqa: BLE001 (9 total) where retention is intentional with documented reasons.
• No from x import y outside __future__; no from typing import (uses import typing; typing.Foo).
• Secrets via local .env only (study-local, separate from pyine's .env so reproducers don't disturb their training config); .env.example uses descriptive placeholders.
• Multi-model first-class (default canonical PyINE-v1 pair; arbitrary MODELS=tag1,tag2,... works without code changes).
• Multi-provider, OpenAI-compatible, vLLM-local-friendly; documented recipes for Runpod, vLLM-local, Together AI, OpenRouter, Fireworks, OpenAI, Anyscale.
• No slow or integration test markers needed; the 107-test suite is fast (~2s) and runs in the default CI gate.