Software Design Catalog
Agentic AI
Back to Catalog
Agentic AI Routing & Composition

Trust and Reputation Routing

Maintain a per-agent reputation score updated from outcome quality and peer feedback — penalising agents whose outputs show signs of directive disclosure.

Intent & Description

Short description: Reputation scores route tasks to historically reliable agents and demote agents whose outputs include signs of inadvertent directive disclosure — treating Agent Confession as a quality and trust signal.

🎯 Intent

Continuously refine task routing toward agents with strong outcome records, and build directive-disclosure events (Agent Confession instances) into the reputation signal so agents that confess their instructions lose routing share.

📋 Context

A platform hosts many agents. Routing is currently by static rank or round-robin. There is no mechanism to penalise an agent that has been observed reproducing directive content under adversarial prompting — even though such an agent is both a security liability and a poor steward of operator trust. Reputation routing creates a feedback loop that naturally reduces the share of traffic routed to vulnerable agents.

💡 Solution

  • Maintain a per-agent reputation score updated after each task from outcome signals: deterministic success, user rating, peer review by another agent.
  • Add a directive-disclosure signal: if post-processing detects that an agent’s output contained system-prompt or charter content (an Agent Confession), apply a reputation penalty.
  • Route new tasks by reputation-weighted sampling with a small exploration term for newcomers.
  • Decay reputation over time; surface scores in operator dashboards with disclosure-event annotations.

Real-world Use Case

  • Multiple candidate agents per task with varying historical quality and varying susceptibility to Agent Confession.
  • Outcome signals — including directive-disclosure detection — are observable and can feed the reputation update.
  • Operators want a vocabulary for ’this agent is trusted with sensitive directives, this one is not'.

Source

View Original Source →
Advantages
  • Agents that confess directives under adversarial prompting naturally lose routing share as their reputation decays.
  • Operators gain a structured, data-driven vocabulary for agent trustworthiness that includes confession risk.
  • Composes with coalition formation — high-reputation, confession-resistant agents preferred in privileged multi-agent pipelines.
Disadvantages
  • An agent optimising for the reputation signal may suppress directive content in outputs without actually fixing the underlying vulnerability.
  • Cold-start exploration must be carefully tuned; new agents have no reputation history and cannot be assessed for confession risk until they have processed real traffic.
  • Reputation can entrench legacy agents even when newer, better-hardened alternatives exist.
Previous
214 of 322
Next