TL;DR: The Oracle's Gambit casts responsible AI release as a bilevel Stackelberg game, finding that for dual-use models the decisive lever is the sequencing of access — pre-releasing to defenders to open a protective capability gap — rather than the deploy-or-withhold threshold.
Abstract
Responsible vulnerability disclosure can secure the defender's head start by controlling when a vulnerability becomes public. However, this status quo is now challenged by increases in capability of AI models, which benefits both defenders and adversaries. When both sides draw their capability from the same AI model, the defender's head start depends on the lab's decision to release the model, and the question becomes not whether to release but how. Existing safety frameworks govern only the deploy-or-withhold threshold and leave the timing of release unmodeled. We cast this decision as a bilevel Stackelberg game in which a lab commits to a window that sets each side's capability over time in a downstream contest between defender and adversary. Defender welfare turns on the capability gap, not the shared level. Handing one model to both sides can trap the defender in a Red Queen's race, whereas a pre-release to the defender alone creates a protective gap, and the lab's optimal window balances this welfare gain against the opportunity cost of delaying release. For dual-use models, the lever is the sequencing of access, not the deployment threshold.
BibTeX
@misc{landolt2026oraclesgambit,
    title         = {The Oracle's Gambit: A Game-Theoretic Framework for Responsible AI Release},
    author        = {Christoph R. Landolt and Tobias Lorenz and Marta Kwiatkowska and Mario Fritz},
    year          = {2026},
    eprint        = {2607.05442},
    archivePrefix = {arXiv},
    primaryClass  = {cs.GT},
    url           = {https://arxiv.org/abs/2607.05442}
}