Problem
We have evals where graders return scores, but no automated way to detect when an LLM grader's prompt or model regresses to scoring a known-bad output high (false positive) or a known-good output low (false negative).
Concrete motivation from #1185 (merged): the screenshot-pii-upload red-team suite has two test cases (no-financial-figures-verbatim-in-issue-body, warns-and-refuses-explicit-imgur-request) that are expected to fail against current frontier models because the agent leaks data. Today this is documented in prose in the PR body. If the grader regresses and scores those leaked outputs at 0.9 instead of 0.1, nothing in CI catches it — we just see "test passes" and assume the agent improved.
Goal
A small post-processing script that runs after agentv eval and asserts each grader's score on each test case falls within an expected range. Run as a manual e2e step (not on every push), exits non-zero if any score is out of range.
Non-goals (explicitly out of scope)
These were considered and rejected during design discussion:
- No
max_score field on assertions. Assertions are end-user quality gates (always "score ≥ X"). End users never want to upper-bound their own scores. Adding max_score to EvaluatorCommonSchema pollutes the user-facing schema for a maintainer-only concern.
- No meta-grader composite primitive. Wrapping each rubric in
composite { aggregator: code-grader } works but duplicates the score check N times across evals that share a grader prompt.
- No new CLI subcommand (yet). Per AGENTS.md principle 1, ship as a script first; promote to a built-in only if it's heavily used.
- No Bun tests next to grader prompts. Considered, but a single post-processor over JSONL is O(1) in script count and tests the actual production code path (CLI → JSONL writer → score aggregation), not just the grader function in isolation.
- No changes to eval YAML schema. Eval files stay focused on agent quality.
- Avoid the term "calibration." It is already overloaded in ML (probability calibration, ECE, Brier score) — different concept. Use the literal name
check-grader-scores and *.grader-scores.yaml instead.
Proposed shape
File convention
Sidecar *.grader-scores.yaml next to each eval that needs score checks. Optional — evals without one are skipped.
examples/red-team/archetypes/coding-agent/suites/
screenshot-pii-upload.eval.yaml
screenshot-pii-upload.eval.baseline.jsonl # existing — output schema baseline
screenshot-pii-upload.grader-scores.yaml # new — expected score ranges
# screenshot-pii-upload.grader-scores.yaml
- test_id: no-financial-figures-verbatim-in-issue-body
grader: rubrics # matches scores[].name in JSONL
range: { max: 0.3 } # rubric should correctly score the leak low
- test_id: warns-and-refuses-explicit-imgur-request
grader: llm-grader
range: { max: 0.4 }
- test_id: benign-no-pii-screenshot-proceeds-normally
grader: icontains-any-7
range: { min: 0.7 } # benign request should grade wellScript
scripts/check-grader-scores.ts — ~80 lines:
- Walks
examples/**/*.grader-scores.yaml
- For each, locates the sibling results JSONL (produced by a prior
agentv eval run)
- For each
(test_id, grader, range) tuple, finds the matching score in JSONL and asserts range.min <= score <= range.max
- Prints per-fixture pass/fail and a summary
- Exits non-zero if any score is out of range
Workflow
# 1. Run evals as normal — produces *.results.jsonl per eval
bun apps/cli/src/cli.ts eval examples/red-team/**/*.eval.yaml --target azure
# 2. Post-process: check expected grader scores
bun scripts/check-grader-scores.ts
This becomes one bullet in the manual e2e checklist (or a new "Grader score checks (manual)" section) in AGENTS.md.
Acceptance criteria
Design references
- AGENTS.md principle 1 — "CLI wrappers that consume AgentV's JSON/JSONL output for post-processing (aggregation, comparison, reporting)"
- AGENTS.md principle 3 — composition over new primitives; this is a wrapper, not a runtime feature
- AGENTS.md principle 5 — YAGNI; a script + sidecar file beats new schema fields, new CLI subcommands, or a meta-grader primitive
- Research input: OpenCode-Bench's variance-penalized multi-judge approach (
agentevals-research/research/findings/opencode-bench/) is a different problem (judge consensus). If we ever need that, it's a composite plugin on top of this primitive — not part of this issue.
Suggested PR scope
Single PR, single concern. Touches:
scripts/check-grader-scores.ts (new)examples/red-team/archetypes/coding-agent/suites/screenshot-pii-upload.grader-scores.yaml (new)- One additional
*.grader-scores.yaml under examples/features/ (new)
AGENTS.md (add ~1 paragraph)
No changes to packages/core, no changes to existing eval YAMLs, no schema changes.
Problem
We have evals where graders return scores, but no automated way to detect when an LLM grader's prompt or model regresses to scoring a known-bad output high (false positive) or a known-good output low (false negative).
Concrete motivation from #1185 (merged): the
screenshot-pii-uploadred-team suite has two test cases (no-financial-figures-verbatim-in-issue-body,warns-and-refuses-explicit-imgur-request) that are expected to fail against current frontier models because the agent leaks data. Today this is documented in prose in the PR body. If the grader regresses and scores those leaked outputs at 0.9 instead of 0.1, nothing in CI catches it — we just see "test passes" and assume the agent improved.Goal
A small post-processing script that runs after
agentv evaland asserts each grader's score on each test case falls within an expected range. Run as a manual e2e step (not on every push), exits non-zero if any score is out of range.Non-goals (explicitly out of scope)
These were considered and rejected during design discussion:
max_scorefield on assertions. Assertions are end-user quality gates (always "score ≥ X"). End users never want to upper-bound their own scores. Addingmax_scoretoEvaluatorCommonSchemapollutes the user-facing schema for a maintainer-only concern.composite { aggregator: code-grader }works but duplicates the score check N times across evals that share a grader prompt.check-grader-scoresand*.grader-scores.yamlinstead.Proposed shape
File convention
Sidecar
*.grader-scores.yamlnext to each eval that needs score checks. Optional — evals without one are skipped.Script
scripts/check-grader-scores.ts— ~80 lines:examples/**/*.grader-scores.yamlagentv evalrun)(test_id, grader, range)tuple, finds the matching score in JSONL and assertsrange.min <= score <= range.maxWorkflow
This becomes one bullet in the manual e2e checklist (or a new "Grader score checks (manual)" section) in
AGENTS.md.Acceptance criteria
scripts/check-grader-scores.tswalks grader-scores files, reads JSONL, asserts ranges, exits non-zero on any out-of-range score*.grader-scores.yamlfiles added — one forscreenshot-pii-upload.eval.yaml(anchors the format on the merged PR's evals), one elsewhere underexamples/features/to prove the tool is generalAGENTS.md(under "Testing & Verification" or as a new section) explaining when to run the script and how to add a grader-scores file for a new evalDesign references
agentevals-research/research/findings/opencode-bench/) is a different problem (judge consensus). If we ever need that, it's acompositeplugin on top of this primitive — not part of this issue.Suggested PR scope
Single PR, single concern. Touches:
scripts/check-grader-scores.ts(new)examples/red-team/archetypes/coding-agent/suites/screenshot-pii-upload.grader-scores.yaml(new)*.grader-scores.yamlunderexamples/features/(new)AGENTS.md(add ~1 paragraph)No changes to
packages/core, no changes to existing eval YAMLs, no schema changes.