Tool access
Which tools can the agent call, what arguments did it pass, and which calls should have required approval?
Reliability evidence for AI-agent startups
Your agent works. Prove how it fails.
EvidenceRun instruments one agent workflow, maps failures against a 12-mode taxonomy, and delivers a buyer-ready reliability report founders can use in investor, security, and enterprise conversations.
Not observability
Evidence packaging
Not certification
Buyer readiness
Not generic governance
Agent failure taxonomy
The deliverable
A report your buyer's security team can read.
Twelve failure modes, mapped to evidence from your traces, with severity, remediation class, and a non-certification disclaimer. Hand it to a buyer's diligence team and the conversation moves.
The 12-mode taxonomy
What gets audited.
Every report maps observed behavior against the same twelve modes — so a buyer's security team can compare findings across vendors, and you can answer the same question every time.
Critical 4
Deal killers
- 03
PII exposure
Customer data, secrets, or prompt content leak to a third-party tool, log, or downstream model.
- 05
Missing approval
High-impact actions execute without the human-in-the-loop check the workflow promises.
- 11
Unverifiable decisions
A decision was made; nobody can reconstruct what the agent saw, asked, or weighed.
- 12
No replay trail
Inputs, prompts, model versions, and tool outputs are not stored long enough for an after-the-fact audit.
Operational 4
Ops nightmares
- 01
Tool misuse
Agent calls a tool with the wrong args, wrong scope, or no need to call it at all.
- 02
Hidden retries
Silent retry loops on non-idempotent calls cause duplicate side effects nobody can see in the trace.
- 06
Runaway cost
Recursive calls, retry storms, or context bloat send a single run past the alarm threshold.
- 08
Silent failure
Tool returned an error, the agent returned success — the user is told something happened that didn't.
Subtle 4
Long-tail risks
- 04
Prompt injection
Untrusted content in inputs, attachments, or web pages overrides system instructions.
- 07
Stale context
Agent acts on cached customer state, expired session data, or out-of-date documents.
- 09
Wrong system access
Agent inherits service-account permissions far beyond what the workflow requires.
- 10
Output drift
Customer-facing wording, format, or recommendations drift across runs in ways nobody noticed.
What gets audited
Three questions every buyer asks first.
Data movement
Where did customer data, PII, secrets, prompts, and third-party API payloads move during the run?
Replay evidence
Can the team reconstruct what the agent saw, tried, changed, failed, retried, and claimed afterward?
Pilot offer
One workflow. Five to seven days. Fixed scope.
1
Pick one agent workflow that matters for sales, support, finance, coding, research, or operations.
2
Share traces, logs, prompts, tool calls, screenshots, or run a short screen-share walkthrough.
3
Receive an Agent Reliability Report: failure taxonomy mapping, evidence examples, and remediation backlog.
3 pilots at $1,000 each. 5-day delivery.
For startups building AI agents that need to look serious in front of investors, security teams, or enterprise buyers.
EvidenceRun reports are reliability evidence for product, security, and investor conversations. Not a legal compliance certification or safety guarantee.