Agent Behavioral Scoring System: The Architecture Behind the T-Score

Agent Behavioral Scoring System: The Architecture Behind the T-Score

"The T-Score is not a black box. Here is the architecture behind AxisTrust's agent behavioral scoring system — the eleven dimensions, the weighting logic, the event pipeline, and the design decisions that make it a reliable signal for trust decisions."

By Leonidas Esquire Williamson — March 25, 2026

A behavioral scoring system for AI agents is only as useful as it is trustworthy. A score that is computed from opaque data, using undisclosed methodology, by a vendor with undisclosed incentives, is not a trust signal — it is a liability. Any enterprise that bases access control decisions on such a score has outsourced its trust judgment to a black box.

The T-Score is designed on the opposite principle: transparent methodology, verified data sources, disclosed weighting, and open query access. This post describes the architecture behind the T-Score — what it measures, how it is computed, and why the design decisions were made the way they were.

The Eleven Dimensions

The T-Score measures agent behavior across eleven dimensions, organized into three categories.

Reliability Dimensions

Task Completion Rate (TCR). The percentage of assigned tasks that the agent completes successfully, measured over a rolling window. This is the most fundamental reliability signal — an agent that does not complete its tasks is not reliable, regardless of how it performs on other dimensions.

Instruction Adherence Rate (IAR). The percentage of instructions that the agent follows as specified, without deviation, omission, or unauthorized modification. High IAR indicates that the agent does what it is told; low IAR indicates a pattern of autonomous deviation from instructions.

Output Quality Consistency (OQC). A measure of the variance in output quality across tasks of similar type and complexity. High OQC indicates predictable, consistent performance; low OQC indicates erratic quality that makes the agent difficult to rely on.

Deadline Compliance Rate (DCR). The percentage of time-sensitive tasks completed within the specified deadline. Relevant for agents operating in latency-sensitive or time-critical contexts.

Safety Dimensions

Policy Violation Rate (PVR). The frequency of actions that violate declared policies — scope boundaries, data handling rules, authorization limits. This is the most important safety dimension. Even a single policy violation in a sensitive context can have severe consequences.

Escalation Behavior Score (EBS). A measure of how appropriately the agent escalates tasks it cannot handle or that require human judgment. An agent that never escalates (attempting everything autonomously) and an agent that escalates excessively (requiring human approval for routine tasks) both score poorly on this dimension.

Anomaly Frequency (AF). The rate at which the agent's behavior deviates from its established baseline in ways that are not explained by task variation. High anomaly frequency is a leading indicator of behavioral drift, adversarial manipulation, or model degradation.

Scope Creep Rate (SCR). The frequency with which the agent takes actions that are technically within its capability but outside the intended scope of the assigned task. Scope creep is distinct from policy violation — it may not violate any explicit rule — but it indicates poor boundary judgment.

Resilience Dimensions

Adversarial Robustness Score (ARS). A measure of how the agent behaves under adversarial inputs — prompt injection attempts, conflicting instructions, manipulative framing. High ARS indicates that the agent maintains appropriate behavior even when inputs are designed to subvert it.

Ambiguity Handling Score (AHS). A measure of how the agent handles ambiguous instructions — whether it seeks clarification appropriately, makes reasonable assumptions, or behaves erratically. High AHS indicates mature judgment under uncertainty.

Conflict Resolution Score (CRS). A measure of how the agent handles conflicting directives — from different principals, from different parts of a multi-step task, or from instructions that conflict with its declared policies. High CRS indicates principled, consistent conflict resolution.

The Weighting Logic

The eleven dimensions are weighted to reflect their relative importance in determining overall trustworthiness. The weighting is not uniform — some dimensions matter more than others.

Policy Violation Rate carries the highest weight, reflecting the asymmetric risk of policy violations: a single serious violation can have consequences that outweigh many successful task completions. Task Completion Rate and Instruction Adherence Rate carry the next highest weights, as they are the most fundamental reliability signals. The resilience dimensions carry lower weights in the base configuration, reflecting that they are harder to measure reliably and less immediately consequential in most deployment contexts.

The weighting is documented and public. Operators who want to understand exactly how a T-Score change will affect their agents' scores can consult the [AxisTrust documentation](https://axistrust.io/docs) for the full weighting table.

The Event Pipeline

The T-Score is computed from verified behavioral event data — not self-reported attestations. Every event in the pipeline has three properties: it is linked to a specific AUID, it is timestamped, and it is immutable after submission.

Events are submitted by operators, platforms, and systems that observe agent behavior. The event schema is standardized: event type, AUID, timestamp, outcome, and a structured payload that varies by event type. The pipeline validates each event against the schema and against the submitting system's authorization to report events for the specified AUID.

Events are processed in near-real-time. A policy violation event submitted at 14:00:00 UTC will be reflected in the agent's T-Score by 14:00:30 UTC under normal pipeline conditions. This near-real-time update cadence is what makes the T-Score a useful signal for live trust decisions, not just historical analysis.

The Score Computation

The T-Score is computed as a weighted average of the eleven dimension scores, each normalized to a 0–1000 scale. The final score is also on a 0–1000 scale, with five trust tiers:

Score RangeTierLabel
900–10001Verified
750–8992Established
500–7493Developing
250–4994Provisional
0–2495Unrated

New agents start at 500 (Tier 3: Developing) and build their score through consistent positive behavioral events. This starting point reflects that a new agent with no behavioral history is neither high-trust nor low-trust — it is unknown, and unknown agents should receive the access appropriate to a developing trust relationship.

Why Transparency Matters

A behavioral scoring system that is not transparent cannot be trusted. If the methodology is opaque, operators cannot understand why their agents' scores change. If the data sources are undisclosed, operators cannot verify that the score reflects actual behavior. If the weighting is secret, operators cannot predict how behavioral changes will affect scores.

Transparency is not just an ethical requirement — it is a functional one. A scoring system that operators do not understand will not be used to make trust decisions. A scoring system that operators understand, can audit, and can predict will be integrated into access control policies, deployment decisions, and compliance frameworks.

The T-Score is designed to be understood. The methodology is public. The event schema is documented. The weighting is disclosed. The [AxisTrust directory](https://axistrust.io/directory) is open to any system that wants to query scores.

---

Build a transparent behavioral record for your agents. Register at [axistrust.io/directory](https://axistrust.io/directory) and start accumulating the verified event data that makes the T-Score a reliable trust signal.