Argmin AIArgmin AI
About usOptimize your agent
RLHFBasic RAGPrompt OptimizationAgentic RAGQuantizationSafety BenchmarksLLM-as-a-JudgeChain-of-ThoughtMulti-Agent SystemsFunction CallingEfficient InferenceHallucination Detection

TrustBench: a runtime safety gate for agents that cuts harmful actions and runs in under 200 ms

Agentic AIAgent PipelinesBenchmark ConstructionTool PlanningSystem
March 10, 20267 min

Overview

Decision SnapshotNeeds Validation

The paper presents an implemented Python system and multi-domain evaluation that show strong harm reduction and low latency. Evidence is empirical but limited to three domains and to the authors' implementation; code and public data links are not provided.

Citations0

Evidence Strength0.70

Confidence0.75

Risk Signals11

Trust Signals

Findings with numeric evidence: 5/5

Findings with evidence refs: 5/5

Results with explicit delta: 3/5

Reproducibility

Status: No open assets linked

Open source: Unknown

At A Glance

Cost impact: 60%

Production readiness: 70%

Novelty: 50%

Authors

Tavishi Sharma, Vinayak Sharma, Pragya Sharma

Links

Abstract / PDF

Why It Matters For Business

Insert fast, actionable checks before agents act to avoid costly or dangerous mistakes. TrustBench-style verification cuts harmful actions substantially while staying fast enough for real use.

Who Should Care

CTOProduct ManagerML EngineerEngineering LeadFounder

Summary TLDR

TrustBench is a modular system that intercepts agent actions just before execution, combines calibrated model confidence with fast runtime checks and domain plugins, and substantially reduces harmful agent actions (reported ~87% reduction) while keeping verification latency under 200 ms.

Problem Statement

Current trust evaluations are mostly post-hoc and cannot stop harmful agent actions. Agents need a fast, plug-inable verification step between action formulation and execution to prevent harm in high-risk domains.

Main Contribution

A dual-mode framework: (1) Benchmarking Mode learns mappings between agent confidence and actual correctness using LLM-as-a-Judge; (2) Verification Mode applies calibrated priors plus fast runtime checks to gate actions.

A domain plugin architecture that encodes domain-specific evidence policies (e.g., PubMed/WHO checks for healthcare, regulatory checks for finance) and lets domains override thresholds and weights.

Key Findings

TrustBench-equipped agents produced far fewer harmful actions in evaluation.

Numbersharmful actions reduced by 87% (aggregate)

Practical UseAdd TrustBench-style pre-execution checks to reduce the chance of harmful agent actions by roughly an order of magnitude on similar tasks.

Evidence RefAbstract; Evaluation section

Domain-specific plugins are more effective than generic verification.

Numbersdomain plugins gave 35% greater harm reduction than generic verification

Practical UsePrefer building lightweight domain plugins (evidence policies and weights) rather than one-size-fits-all checks for higher-stakes domains.

Evidence RefAbstract; Domain-Specific Plug-ins section

Results

MetricValueBaselineDeltaSplit / DatasetEvidenceEvidence Ref
Harmful action reduction (aggregate)87% reductionunconstrained execution−87% harmful actionscombined MedQA, FinQA, TruthfulQAAbstract; Evaluation sectionAbstract; Evaluation
Harmful actions after TrustBench~1013% of baseline100% of identified harmful actions under unconstrained executionreduced to 1013% of baselinecomponent ablation (Figure 2b)Component Ablation; Figure 2bFigure 2b

What To Try In 7 Days

Log agent self-reported confidence and outcomes on a small domain dataset to measure miscalibration.

Prototype an isotonic calibration mapping from confidence to observed correctness using an LLM-as-a-Judge.

Implement 2–3 cheap runtime checks (citation presence, timestamp recency, simple policy blacklist) and measure latency and false-block rates.

Agent Features

Memory
stores calibration profiles indexed by agent and domain (short-term operational state)
Planning
action interception before executiontrust-based action gating
Tool Use
invoked as pre-execution verification toolkitintegrates via model APIs and Ollama
Frameworks
LLM-as-a-Judgeisotonic regression calibration
Is Agentic

Yes

Architectures
dual-mode (benchmarking + runtime verification)plugin-based domain extension
Collaboration
human-in-the-loop gating for low-trust actions

Optimization Features

Infra Optimization
plug-and-play model integration via Ollama and APIs
System Optimization
sub-200 ms median end-to-end verification pipelinemodular components for independent instantiation
Inference Optimization
select subset of runtime metrics to meet latency boundsempirical 0.3:0.7 weighting to prioritize fast runtime signals

Reproducibility

Code AvailableNo
Data AvailableNo
Open Source StatusUnknown
LicenseUnknown

Risks & Boundaries

Limitations

Relies on LLM-as-a-Judge (LAJ) quality; judge bias or error can affect calibration.

Domain plugins require domain-specific design and maintenance.

When Not To Use

When you cannot obtain reliable calibration data linking confidence to outcomes.

For ultra-low-latency paths where even ~200 ms is unacceptable.

Failure Modes

False blocking of safe actions due to overstrict plugin rules.

Missed harmful actions if calibration or LAJ judgments are systematically biased.

Core Entities

Models

Llama3.2:8BLlama3:8BGPT-OSS:20B

Metrics

harmful action rate (%)LAJ correctness (LLM-as-a-Judge)confidence calibration curvesverification latency (ms)

Datasets

MedQAFinQATruthfulQA

Benchmarks

AgentBenchTrustLLMHELMSafeAgentBench

You May Also Want to Read

Survey of safe interfaces, threat models, and standards for LLM-driven agents that act on blockchains

0.40
0.55
0.65
0

Connecting AI agents to blockchains can automate treasury, trading and governance but also creates irreversible financial and governance risk; invest in intent typing, policy gates, hardened custody, and MEV-aware execution before granting any agent signing power.

Key finding

Systematic literature review found 317 relevant works from 3,270 records.

Numbers: 317 studies selected from 3,270 records

Diffusion-backed agents match accuracy but run ~30% faster and can reach up to 8× speedups in some cases

0.60
0.60
0.70
0

Replacing an AR backbone with a diffusion backbone can cut agent runtime and tool costs without lowering final task accuracy, but it requires additional training for reliable tool calls.

Key finding

DLLM and AR agents achieved the same benchmark accuracy on the 110-question BrowseComp-ZH subset.

Numbers: Accuracy: AR 15.5% vs DLLM 15.5%

TOOLMAKER: agents that turn scientific GitHub repos into executable LLM tools

0.60
0.70
0.60
3

Automates converting published code into reusable tools, cutting expert setup time and enabling rapid integration of domain-specific methods into production agents at a low per-tool cost.

Key finding

TOOLMAKER implemented 80% of benchmark tools (12 of 15)

Numbers: 12/15 tools correct

ERI: 57,750 engineering instruction-response items across 9 fields to test LLM reasoning and agent tool-use

0.70
0.60
0.70
0

ERI lets teams measure engineering-specific failure modes (units, constraints, verification) so you can route tasks to cheaper models when safe and reserve frontier models for high-risk work.

Key finding

ERI contains 57,750 instruction-response records with explicit metadata.

Numbers: 57,750 records; 1,155 metadata cells (50 per cell)

Use formal EDA feedback inside a multi-agent controller to improve Verilog generation without expensive fine-tuning.

0.60
0.50
0.70
0

You can improve RTL code generation accuracy and tune for hardware metrics without expensive model re-training. That cuts data and compute cost and lets engineering teams iterate quickly with existing LLMs.

Key finding

VeriMaAS increases top-1 syntactic/functional accuracy (pass@1) on evaluated RTL benchmarks.

Numbers: Qwen2.5-7B: VeriThoughts pass@1 44.90 -> 56.62 (+11.72) (Table 1).