In reinforcement learning, agents often deviate from true objectives by optimizing proxy rewards, yet existing research predominantly examines reward-hacking phenomena after they occur, lacking methods for early detection of precursor capabilities. This work proposes PRIME (Proxy Reward Internalization and Mechanistic Exploitation), a capability framework that, within code-generation environments, leverages chain-of-thought monitoring, probing, concept vectors, and ablation analysis to reveal— for the first time—that internalized capabilities underlying reward hacking develop in stages prior to observable exploitation. Experiments demonstrate that PRIME serves as an early-warning signal for alignment risks: its probe scores predict both the timing and severity of subsequent reward-hacking behaviors, even when explicit hacking rates are low or true rewards suppress overt exploitation. Ablating activations along PRIME’s identified directions effectively reduces hacking propensity, and the framework exhibits generalization across evaluators and domains.

Reward hacking is usually studied after it becomes visible, once a model earns high proxy reward while failing the intended task. We instead study what proxy RL teaches before that failure appears. We introduce Proxy Reward Internalization and Mechanistic Exploitation (PRIME), a learned capability to assess task correctness, predict proxy acceptance, and reason about exploitable proxy--gold gaps. In coding RL environments with exploitable pytest rewards, we measure PRIME through chain-of-thought monitoring, direct probes, and activation-level concept vectors. We find that PRIME emerges in a staged sequence before sustained reward hacking, and that its current direct-probe score forecasts later hack onset and severity even when the visible hack rate is still low. PRIME also adapts when the evaluator changes, retargeting to whichever proxy--gold gap remains rewarded and persisting when gold reward suppresses overt hacking, and ablating its activation directions reduces hacking. Across checkpoints, in-domain PRIME tracks out-of-domain misalignment. Together these results suggest that exploitable proxy RL amplifies a proxy-internalization capability upstream of visible hacking, making PRIME a candidate early-warning signal for broader alignment risk.