When Can You Poison Rewards? A Tight Characterization of Reward Poisoning in Linear MDPs

This project represents a high-quality academic contribution to RL security theory rather than a commercial tool. Its defensibility is low because it is primarily a theoretical framework; while the proofs are novel, they are intended for the public domain and lack a productized moat. The unusual statistic of 7 forks to 0 stars within 3 days suggests it is likely a paper undergoing peer review or being used in a specific research lab context. Frontier labs (OpenAI, Anthropic) focus on RLHF and alignment at scale; they are unlikely to build specific products for Linear MDP poisoning, though they may incorporate the theoretical insights into their internal safety red-teaming. The 'moat' here is pure intellectual capital. Competitors would be other academic RL security papers (e.g., from Berkeley's CHAI or Stanford's SISL). The primary risk to this work's relevance is the shift in RL research from Linear MDPs to more complex, non-linear foundations (Deep RL) where these specific tight characterizations might not directly hold.