These days, it seems like every tech company and their corporate parent is looking to squeeze AI tools and features into their products, whether they’re wanted or not. So when files with names and functions referencing a “SteamGPT” appeared in a recent Steam client update, Valve watchers took quick notice.
From the outside, it’s hard to tell precisely what form any such “SteamGPT” would take. But looking through variable names and references in the files themselves suggests that Valve may be looking to use AI tools to streamline internal evaluations of in-game incidents and sift through potentially suspicious accounts.
Looking at the variables
As tracked by the automated SteamTracking GitHub project, the term “SteamGPT” appears multiple times in three separate files added in the April 7 Steam client update. In addition to the SteamGPT naming convention—a seemingly obvious reference to the generative pre-trained transformers popularized by ChatGPT and its ilk—the files include mentions of terms like multi-category inference, fine-tuning, and “upstream models” that point to some sort of generative AI system.
What might that AI be used for? Well, the files contain multiple references to a labeler and “labeling tasks,” working with arguments identifying a “problem” and “subproblem” and looking at an “evaluation_evidence_log” related to a specific “matchid.” Together with mentions of a “logs_to_inference” metamodel, that sounds like it could be a hook into a system for automatically generating labels to categorize the various incident reports made in Steam multiplayer games.
A SteamGPT function makes references to numerous security features.
A SteamGPT function makes references to numerous security features. Credit: SteamTracking / Github
Another portion of the SteamGPT files hints that Valve might use AI tools to summarize suspicious activity history or patterns in potentially fraudulent Steam accounts. A number of “SteamGPTSummary” functions include references to VAC bans, Steam Guard, and account lockdowns. These functions also seem to look at evidence such as email addresses (“high_fraud_email”), use of advanced security features (“two_factor”), and where a linked phone number originates (“phone_country”) to help determine whether an account is on the up-and-up. There are also a few references here to an account’s trust score, which is already used to help secure matchmaking in games like Counter-Strike 2.
