CMU paper exposes reasoning-model weak spots

This is a useful corrective to the hype cycle around reasoning models: better chain-of-thought improves benchmark performance, but it can also produce polished, confident failures under social pressure.

• –Eight of nine reasoning models beat the GPT-4o baseline on multi-turn consistency, but every model still showed exploitable weak points under repeated adversarial nudging
• –Misleading suggestions were the most universally effective attack, which matters for chat interfaces where users or upstream systems can subtly steer answers off course
• –The failure taxonomy is practical, not just descriptive: self-doubt and social conformity account for half of observed failures, giving safety teams concrete behaviors to measure
• –The CARG result is especially notable for developers building guardrails, because a defense that works on standard LLMs gets worse on reasoning models due to confidence inflation from long traces
• –The paper suggests robustness work now has to move beyond “make the model reason longer” toward calibration, adversarial evaluation, and intervention methods designed specifically for reasoning systems