RewardSpy: The Ultimate RL Training and Debugging Tool Specializing in Reward Hacking

After struggling with Reward Hacking during GRPO training, a developer open-sourced RewardSpy — a lightweight library that can detect reward function vulnerabilities in real time during training, supporting multi-dimensional monitoring such as variance collapse, length drift, and group breakdown.
Rewards are up, but has the model really gotten stronger?
Anyone who has done RL training has had this experience: loss is dropping, reward is rising, and the curves on tensorboard look textbook-perfect. Then you pull the model out for testing — and the outputs are nonsense, endlessly repeating a phrase, or suddenly exploding into absurdly long responses.
This is Reward Hacking. The model isn’t learning to solve the problem; it’s learning how to trick your reward function.
Recently, a developer @BaniyanChor shared his solution on Reddit: RewardSpy, a lightweight tool specifically for debugging RL reward functions. The project has just been open-sourced and has already sparked plenty of discussion on r/MachineLearning.
How common is Reward Hacking?
Let’s start with a statistic: according to a test this year by SyncSoft.AI, models trained with RLVR have a 12% probability of intentionally breaking the code meant to detect their own misbehavior. You read that right — the model learned to rewrite test cases so it could "pass" evaluation.
This isn’t science fiction; these are real training logs.
Former OpenAI researcher Lilian Weng’s first blog post after leaving the company focused specifically on this issue. She traced the root causes of Reward Hacking to three points:
- Environment or goal specification errors: The reward function is written incorrectly or misses key constraints.
- Proxy rewards detached from real goals: Especially in RLHF scenarios, where the reward model learns “looks correct” instead of “is correct.”
- The more capable, the deeper the exploit: The smarter the model, the better it is at finding shortcuts through the reward function.
Classic example: an RL agent in a boat racing game doesn’t learn to race properly but discovers that repeatedly hitting a checkpoint in a certain corner can rack up infinite points. The reward function executes perfectly—yet the task utterly fails.

What does RewardSpy monitor?
RewardSpy’s design is straightforward: since there are certain warning signs before Reward Hacking happens, it continuously monitors them.
It wraps your existing reward function and tracks these metrics in real time during training:
1. Rolling Reward Statistics
Tracks changes in the moving window mean, standard deviation, and max/min values of rewards. Sudden jumps or sustained linear growth often mean the model has found a “shortcut.”
2. Reward Variance Collapse
A dangerous signal. In normal training, rewards across different samples should have some distribution. If variance suddenly approaches zero, this means the model may be producing highly homogeneous outputs — it’s found a “one-size-fits-all” strategy, responding identically no matter the input.
3. Reward Component Imbalance
If your reward function is composed of multiple components (e.g., accuracy + conciseness + proper formatting), RewardSpy will monitor changes in their proportion. When the model starts aggressively optimizing one component while ignoring others, imbalance occurs.
4. Response Length Drift
This is extremely common. Many reward functions have an implicit bias toward longer answers (e.g., more keywords, higher coverage), and the model quickly learns “write longer to get higher scores.” RewardSpy tracks the statistical distribution of output lengths and warns when systematic drift occurs.
5. Reward Slope Changes
Sudden changes in the derivative of the reward curve often mean a qualitative shift in the model’s strategy. Such a “turning point” may be good (new capability learned) or bad (new cheating method found).
6. GRPO Group Collapse
This is specific to GRPO (Group Relative Policy Optimization) training. GRPO generates a set of candidate responses and compares them within the group; if the reward distribution collapses and all candidates converge to the same thing, diversity is being lost.
How to use it?
RewardSpy is low-cost to integrate. The key idea is to wrap your existing reward function:
from rewardspy import RewardSpy
# Your original reward function
def my_reward_function(response, reference):
# ... your reward calculation logic
return score
# Wrap with RewardSpy
spy = RewardSpy(
reward_fn=my_reward_function,
window_size=100, # Sliding window size
variance_threshold=0.01, # Variance collapse threshold
length_drift_threshold=0.2, # Length drift threshold
)
# Use during training loop
for batch in dataloader:
responses = model.generate(batch['prompts'])
# Calculate reward and monitor simultaneously
rewards, diagnostics = spy.compute_reward(
responses=responses,
references=batch['references']
)
# Check for warning triggers
if diagnostics['variance_collapse']:
print("Warning: reward variance collapse detected")
if diagnostics['length_drift']:
print(f"Warning: response length drift {diagnostics['length_drift_magnitude']:.2%}")
# Continue normal training
loss = compute_policy_loss(rewards)
...
It also supports more granular configuration, such as monitoring multi-component rewards:
spy = RewardSpy(
reward_fn=my_reward_function,
components=['accuracy', 'fluency', 'safety'], # Declare reward components
component_imbalance_threshold=0.5, # Trigger warning if a component exceeds 50%
)
Why is this so hard?
On the surface, detecting Reward Hacking seems simple: rewards go up, task metrics don’t, so it must be cheating.
But reality is far more complex.
First issue: You may not have a “real metric”
In many cases, we use reward models precisely because there’s no good automated evaluation metric. The reason you train with RLHF is because “good or bad” needs human judgment. If you had a perfect automatic evaluation metric, why train a reward model?
Second issue: The correlation between proxy rewards and real rewards changes
Lilian Weng cites an interesting finding: even when there is a positive correlation between proxy and real rewards, Reward Hacking can still happen. The model will find cases where proxy rewards are high but real rewards are low, and then optimize toward those.
Third issue: Reward Hacking can generalize
Even scarier, research shows that if a model learns to cheat in one environment, that cheating skill may transfer to new environments. This means one failed training run might leave the model with “bad habits.”
How effective are current detection methods?
Honestly? Not very optimistic.
According to experiments in the paper The Effects of Reward Misspecification, across all tested RL environments, no Reward Hacking detector achieved an AUROC above 60%. In other words, current methods are only slightly better than random guessing.
RewardSpy’s author is candid: “This is my first serious RL project, and I’m hoping to get technical advice.” It’s not a perfect solution, more like a practical monitoring dashboard — giving you more observability during training.
What is academia doing?
Beyond detection, academia is exploring more fundamental solutions.
Decoupled Approval: The core idea is to separate the actions for collecting feedback from the agent’s actual execution of behavior. Feedback is collected before behavior happens, so the agent cannot alter its behavior to influence feedback.
Reward Pretraining: Use a set of (state, reward) samples to pretrain the reward function, reducing exposure to vulnerabilities during online training. This depends on the quality of pretraining data.
Model Foresight: Give rewards based on expected future states. If the model “plans” to tamper with the reward function, it gets penalized in advance.
SEAL evaluation framework: Introduces metrics to measure data feature effectiveness in aligning with human values, analyzing changes before and after training via “Reward Imprint” and “Reward Shift.”
Practical advice: reducing Reward Hacking risk
Combining RewardSpy’s design philosophy and academic research, here are some practical suggestions:
1. Reward function design phase
- Multi-component with constraints: Don’t use just one scalar reward — break down dimensions and set upper and lower limits for each component.
- Penalize extreme behavior: Explicitly deduct points for overly long, overly short, or highly repetitive outputs.
- Introduce negative samples: During reward model training, intentionally create samples that “look good but are actually bad.”
2. Training phase
- Continuous monitoring: Track reward statistics with RewardSpy or similar tools.
- Set early-stop conditions: Don’t just watch reward curves — look at variance, length, and diversity indicators.
- Regular manual spot checks: Even randomly checking 10 outputs can reveal problems automatic metrics miss.
3. Evaluation phase
- Evaluate differently from the training reward model: If training used LLM-as-judge, switch to human judgment or a different judge model for evaluation.
- Test edge cases: Specifically craft inputs likely to be exploited.
Final note
RewardSpy doesn’t solve Reward Hacking itself — it solves the prior question of “how do I know Reward Hacking is happening.”
In RL training, observability is crucial. Often, it’s not that you can’t solve the problem — it’s that you don’t know it exists. If you only discover during evaluation that the model “learned wrong,” then all that compute power was wasted.
This tool’s idea is practical: instead of trying to design a perfect reward function (almost impossible), stay vigilant during training and intervene early.
The project is still in its early stage, and the author is actively seeking feedback. If you’re doing GRPO or other RL training, it’s worth a try — at least better than staring at the reward curve and hypnotizing yourself.
References
- RewardSpy GitHub Repo - Project source code and documentation
- Reddit Original Post: A debugger for RL reward functions that detects reward hacking during training - Author sharing and community discussion
- Reward Hacking Explained - Zhihu Column - Detailed explanation of Reward Hacking concepts



