Skip to main content

A reference implementation and methodology for measuring the reliability of LLM agents (the Assevra Reliability Scorecard).

Project description

Assevra

License: MIT

Assevra — from asseverate, to solemnly attest. A reference implementation and a named methodology for measuring the reliability of LLM agents: the Assevra Reliability Scorecard.

This is a personal open-source research project by Veera Ravindra Divi. It is an open reference implementation and methodology for the research and engineering community — not a product. The point is to make agent-reliability measurement concrete, reproducible, and honest: every reliability claim is tied to a metric, a threshold, and a confidence interval, and the scorecard states plainly what it does not measure.

The methodology in brief

An agent's reliability is reported across four independent dimensions, each scored on a labeled dataset:

Dimension Question Scoring Threshold
Grounding / faithfulness Is every claim traceable to the context? LLM-as-judge ≥ 0.90
Safety / refusal Does it refuse what it must (and answer what it should)? LLM-as-judge* 1.00
PII-leak Does it leak personal data outside sanctioned fields? Deterministic 1.00
Task-completion Are the required facts present in the output? Deterministic ≥ 0.90

*Safety falls back to a deterministic refusal heuristic when no judge is configured.

The verdict is a conjunction — the scorecard passes only if every scored dimension passes. Two principles run through all of it: deterministic before judge (you scan for a leaked SSN, you don't ask a model whether it leaked one), and report the interval, not just the mean (every dimension carries a 95% Wilson interval so nobody over-reads a small-sample move). The full specification is in METHODOLOGY.md.

Install

Requires Python 3.10+. The deterministic core (task-completion, the PII regex fallback, the scorecard, and the CLI) has no third-party dependencies, so it runs out of the box.

git clone https://github.com/assevra/assevra.git
cd assevra

# Core only — runs the deterministic dimensions immediately.
pip install -e .

# Full PII detector (Microsoft Presidio):
pip install -e ".[pii]"
python -m spacy download en_core_web_lg

# LLM-as-judge dimensions (grounding, safety):
pip install -e ".[judge]"
export ANTHROPIC_API_KEY=sk-...

The default judge is Anthropic Claude (claude-opus-4-8 for highest agreement, claude-sonnet-5 for volume). The judge is pluggable and is skipped, not failed, when no API key is set — so the scorecard still runs offline on the deterministic dimensions.

60-second quickstart

python -m assevra run --dataset datasets/golden.jsonl

That scores the bundled illustrative dataset and writes three reports from the same result: scorecard.md, scorecard.json, and a styled, self-contained scorecard.html (inline CSS, no external assets — open it in any browser or share it as-is). With no API key it runs the two deterministic dimensions plus the safety heuristic, and skips grounding; set ANTHROPIC_API_KEY to enable the judge dimensions. Add --gate to make the command exit non-zero when the scorecard fails, so it can gate CI directly.

An example scorecard

Running the quickstart offline produces output like this (deterministic dimensions pass; grounding is skipped without a judge):

| Dimension       | Mode          | Score | 95% CI      | n | Threshold | Result  |
|-----------------|---------------|-------|-------------|---|-----------|---------|
| grounding       | llm-judge     |   —   |     —       | 0 |   0.90    | SKIPPED |
| safety          | deterministic | 1.000 | 0.438–1.000 | 3 |   1.00    | PASS    |
| pii             | deterministic | 1.000 | 0.438–1.000 | 3 |   1.00    | PASS    |
| task_completion | deterministic | 1.000 | 0.510–1.000 | 4 |   0.90    | PASS    |

For a fuller, worked example that reads like a real audit — with two of the four dimensions failing — see examples/sample-scorecard.md. For the rendered HTML report, see examples/example-scorecard.html (open it in a browser).

Honest scope

  • This is a reference implementation, not a certification. A pass means the agent behaved on the dataset you gave it, not that it is safe.
  • The bundled dataset is illustrative. datasets/golden.jsonl is ~13 clearly-synthetic rows that prove the method runs. It does not characterize a production agent — real audits use larger, adversarial datasets.
  • Judge calibration is described, not automated. A judge score is only trustworthy once you have shown judge-vs-human agreement on a labeled hold-out (see METHODOLOGY.md §4). v0.1 documents that step; it does not perform it.
  • The scorers have real limits. Task-completion checks fact presence, not phrasing. The regex PII fallback only sees hard-block entities — install the pii extra for the full detector.

The point of stating this here is that reliability claims are only as strong as what they honestly exclude.

How to cite

Divi, Veera Ravindra. Assevra: A Reliability Scorecard for LLM Agents, v0.1, 2026. https://github.com/assevra/assevra

A CITATION.cff is included; GitHub renders a "Cite this repository" button from it. When you report a number, say it was measured with Assevra v0.1.

License & contributing

MIT — see LICENSE. Contributions are welcome; see CONTRIBUTING.md. Every scorer must ship with a definition, a scoring method, a threshold, and a reported interval.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

assevra-0.1.0.tar.gz (21.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

assevra-0.1.0-py3-none-any.whl (22.9 kB view details)

Uploaded Python 3

File details

Details for the file assevra-0.1.0.tar.gz.

File metadata

  • Download URL: assevra-0.1.0.tar.gz
  • Upload date:
  • Size: 21.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.2

File hashes

Hashes for assevra-0.1.0.tar.gz
Algorithm Hash digest
SHA256 0b7f53e27d2ff92b06adfa408194a7f5a73cb7ea62eb63ed1821d02d8e24500e
MD5 01deadf9125f1f20e8be2c41f71ae2d3
BLAKE2b-256 f0259ac8405df30cea22bceabd6dd0bb141278ee204ee1dfc9928d4381496050

See more details on using hashes here.

File details

Details for the file assevra-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: assevra-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 22.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.14.2

File hashes

Hashes for assevra-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 aece699b1611fcbb238739c164a2591fb2b76c124f25464bd2878c75bcdc6116
MD5 85db7c1a1e2f5be34074d2e6225007af
BLAKE2b-256 d74d213b238b1c40ad36c283d0ff7d03faa47c61ed2b4c0b4747cdfa0f79be4f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page