Skip to content

docs: clarify ASSERT evidence flow #273

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
placerda merged 1 commit into from
Jun 9, 2026
+16 −11
Merged

docs: clarify ASSERT evidence flow #273

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions docs/tutorial-end-to-end.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -892,8 +892,9 @@ Use AgentOps for the repo-side follow-through:
`.agentops/governance/redteam-plan.md`; keep raw payloads/results in the
approved secure system.
3. If you use ASSERT or Agent Control Specification, add reviewed artifacts to
the repo or CI artifacts and point AgentOps at them. In tutorials, keep this
as a metadata-only showcase unless you already have an approved ASSERT run:
the repo or CI artifacts and point AgentOps at them. These artifacts join the
normal release proof alongside eval results, Doctor findings, and workflow
runs:

```yaml
assert_path: .agentops/governance/assert-evidence.md
Expand Down
22 changes: 13 additions & 9 deletions docs/tutorial-prompt-agent-quickstart.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -844,15 +844,19 @@ only to metric names that appear in the azd run output, and regenerate the recip
with `agentops eval init --force`. Do not use placeholder rubric names in the
quickstart path.

### Optional: showcase ASSERT evidence

ASSERT is useful in the tutorial as **release evidence**, not as an AgentOps-run
execution step. Run ASSERT in its owning tool, keep the approved policy or result
summary in the repo or CI artifact store, and point AgentOps at that artifact so
Doctor and the evidence pack can cite its status and hash.

For a safe tutorial/demo path, add only reviewed metadata. Do not paste raw
adversarial prompts, secrets, or customer data into the repo.
### Add ASSERT evidence to the release proof

The normal AgentOps flow proves the release with evaluation results, Doctor
findings, workflow runs, and release evidence. ASSERT fits into that same release
proof as a governed artifact: run ASSERT in the tool or process your team uses
for policy checks, keep the reviewed policy or result summary in the repo or CI
artifact store, and point AgentOps at it.

AgentOps does not execute ASSERT. It records the artifact path, status, and
SHA-256 hash so Doctor and the evidence pack can show reviewers which ASSERT
evidence was used for the release. Store only approved metadata in the repo; keep
raw adversarial prompts, secrets, customer data, and detailed scan payloads in
the approved secure system.

```powershell
New-Item -ItemType Directory -Force .agentops\governance | Out-Null
Expand Down
Loading