Evidence Taxonomy
AGILAB evidence should be easy to inspect without rerunning the workflow. This taxonomy proposes a shared vocabulary for run manifests, proof bundles, notebook exports, UI robot evidence, MLflow handoff records, and release proof. It is a target model: today the shipped evidence producers do not yet emit a single unified envelope, so the field names below are planned and each row is marked planned or shipped.
Common Event Envelope
The proposed common envelope below is the direction AGILAB evidence bundles are
moving toward. No producer in the repository emits this exact envelope yet, so
treat the field names as planned unless the Status column says otherwise.
Shipped evidence currently uses producer-specific names such as created_at
plus kind plus schema_version, or sequence / timestamp /
type, or a schema string like "agilab.<name>.v1". See the mapping
table below for how the planned names correspond to what is actually emitted.
Field |
Status |
Meaning |
|---|---|---|
|
Planned (shipped as |
Version of the evidence event schema. |
|
Planned (shipped as |
One of the event names listed below. |
|
Planned (shipped as |
AGILAB run, proof, robot, release, or agent-run identifier. |
|
Planned (shipped as |
Monotonic sequence number within the evidence bundle. |
|
Planned (shipped as |
UTC timestamp recorded by the producing tool. |
|
Planned (shipped as artifact hash fields on individual artifact records) |
SHA-256 of the referenced artifact when the event has one. |
|
Planned (not emitted; reserved for a future tamper-evident chain) |
Optional previous event hash for future tamper-evident chains. |
|
Planned (not emitted; reserved for a future tamper-evident chain) |
Optional hash of the canonicalized event envelope and payload. |
|
Planned (shipped as the producer-specific record body) |
Event-specific metadata. It must not contain secrets or large raw artifacts. |
Planned-to-shipped field mapping
Until a single envelope ships, verifiers must read the producer-specific field names. This table maps the planned taxonomy names to the names currently emitted by shipped evidence producers.
Planned taxonomy field |
Shipped field name(s) |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
per-artifact hash fields (no single top-level |
|
not emitted yet (reserved) |
|
the producer-specific record body |
Event Types
Event type |
Purpose |
|---|---|
|
Records the top-level run manifest, selected app, environment, and command boundary. |
|
Records a workflow, DAG, or pipeline stage state transition. |
|
Records a produced file, directory manifest, or content hash. |
|
Records an exported notebook or notebook export manifest. |
|
Records an MLflow tracking or registry handoff when that integration is enabled. |
|
Records screenshots, traces, HAR, video, aggregate JSON, and replay commands from UI robot validation. |
|
Records a coding-agent or assistant-backed command through the AGILAB agent-run evidence surface. |
|
Records a deterministic policy or promotion gate decision. |
|
Records release tag, package, docs, CI, coverage, SBOM, audit, or provenance evidence used in release proof. |
Redaction Rules
Evidence payloads must not store secrets, raw prompts that contain credentials, full notebook outputs with sensitive data, or large artifact bodies. Prefer:
content hashes over raw content
stable reason codes over free text when a code is enough
local file references over embedded blobs
explicit
redactedmarkers when a field was intentionally removed
Verifier Scope
A verifier consumes this taxonomy to check evidence without rerunning work. It may validate:
schema versions
required event fields
monotonic sequence numbers
artifact hash matches
reference closure
release-proof metadata consistency
It must not validate facts outside the evidence bundle, such as legal compliance, model correctness, production suitability, or whether an external auditor accepts the evidence.
Roadmap Boundary
Optional prev_event_hash and event_hash fields make room for a future
tamper-evident chain. Until that verifier is shipped and referenced from the
release proof, public wording must stay at “hash-backed evidence” or
“designed toward tamper-evident chains”, not “tamper-proof”.