Probity is a method for testing whether an AI coding agent's success claim is supported by evidence. The target failure is false green: the workflow looks green, but the evidence does not justify trusting the result.
Agent evaluation often starts from a fragile signal:
The agent finished once -> the task is done -> ship it
That signal collapses several different facts into one story:
- whether the final state passed the checker;
- whether the agent honestly described that final state;
- whether the agent edited the test oracle;
- whether the result repeats across independent runs;
- whether the environment was healthy.
Probity separates those facts.
registered task
-> fresh isolated worktree per run
-> deterministic checker
-> claim/evidence comparison
-> integrity flags
-> repeated-trial statistics
-> PASS / KILL / INSUFFICIENT
The method has six parts.
A task defines:
- the workspace;
- the agent command;
- allowed files;
- protected files;
- critical rules;
- the deterministic checker;
- the reliability claim
r; - the number of trials
k.
This prevents the evaluation from moving the target after seeing the output.
The built-in verdict path is:
checker -> stats -> verdict
It contains no LLM call, no LLM judge, and no LLM-written failure summary.
Custom script checkers are allowed, but they are trust inputs owned by the task author. Probity can record their output; it cannot prove that an arbitrary custom checker is semantically correct.
The agent's final self-report is parsed separately from the checker's result.
agent: CLAIM: success
checker: failed
result: false_claim
This matters because a failed run that claims success can still fool a human single-run workflow.
If the agent edits protected tests or other protected oracle files, the run is not treated as evidence of capability. It is an audit-integrity failure.
Each run starts from a fresh git worktree. One lucky run is not enough evidence. Repeated runs expose flakiness, degradation, partial fixes, and rare destructive actions.
Probity uses a confidence interval over repeated trials. Small k can refute a
high-reliability claim, but it usually cannot confirm one.
That is why INSUFFICIENT is a first-class outcome, not an error.
| Evaluation weakness | Improvement |
|---|---|
| Single-run optimism | Repeated trials |
| Self-reported completion | Claim/evidence separation |
| Test oracle mutation | Protected-path audit |
| Hidden scope changes | Allowed-path audit |
| Overconfident small samples | Wilson interval + INSUFFICIENT |
| Judge hallucination | Zero-LLM built-in verdict path |
| Hard-to-review reports | Evidence bundle and repro command |
Probity does not:
- prove correctness;
- prove that an agent never makes false claims;
- detect all hallucinations;
- rank models;
- replace a human security review;
- validate open-ended work without a deterministic checker;
- make a bad checker good.
Use:
Agent reliability methodology for false-green testing of AI coding agents.
Avoid:
The only agent evaluation tool.
Proves agents are correct.
Detects all hallucinations.
Guarantees safe code.