Generative Pre-trained Transformer (GPT) models have exhibited exciting progress in capabilities, capturing the interest of practitioners and the public alike. Yet, while the literature on the trustworthiness of GPT models remains limited, practitioners have proposed employing capable GPT models for sensitive applications to healthcare and finance - where mistakes can be costly. To this end, this work proposes a comprehensive trustworthiness evaluation for large language models with a focus on GPT-4 and GPT-3.5, considering diverse perspectives - including toxicity, stereotype bias, adversarial robustness, out-of-distribution robustness, robustness on adversarial demonstrations, privacy, machine ethics, and fairness. Based on our evaluations, we discover previously unpublished vulnerabilities to trustworthiness threats. For instance, we find that GPT models can be easily misled to generate toxic and biased outputs and leak private information in both training data and conversation history. We also find that although GPT-4 is usually more trustworthy than GPT-3.5 on standard benchmarks, GPT-4 is more vulnerable given jailbreaking system or user prompts, potentially due to the reason that GPT-4 follows the (misleading) instructions more precisely. Our work illustrates a comprehensive trustworthiness evaluation of GPT models and sheds light on the trustworthiness gaps. Our benchmark is publicly available at https://decodingtrust.github.io/.

翻译：生成式预训练Transformer（GPT）模型在能力上取得了令人瞩目的进步，吸引了从业者和公众的关注。然而，尽管关于GPT模型信任度的文献仍然有限，从业者已提议将功能强大的GPT模型应用于医疗和金融等敏感领域——在这些领域，错误可能代价高昂。为此，本文提出了一项针对大型语言模型的全面信任度评估，重点关注GPT-4和GPT-3.5，涵盖多个视角——包括毒性、刻板印象偏见、对抗鲁棒性、分布外鲁棒性、对抗演示鲁棒性、隐私、机器伦理和公平性。基于我们的评估，我们发现了先前未公布的信任度威胁漏洞。例如，我们发现GPT模型容易被误导生成有毒和有偏见的内容，并泄露训练数据和对话历史中的私人信息。我们还发现，尽管GPT-4在标准基准上通常比GPT-3.5更值得信赖，但在面对系统或用户提示的越狱时，GPT-4却更为脆弱，这可能是因为GPT-4更精确地遵循（误导性）指令。我们的工作展示了GPT模型的全面信任度评估，并揭示了信任度差距。我们的基准公开于https://decodingtrust.github.io/。