Flows category icon
Agent QA & Security
Advanced

Stand Up an Adversarial Verification Agent

Stop trusting your agent's own 'it works': dispatch a read-only verifier that must run real commands, probe adversarially, and return an evidence-backed PASS/FAIL verdict.

4 steps12 verify checks90-150 minutesWorks with: emergent · chatgpt · claude · cursor
Start Guided Walkthrough

The Route

0/4 verified

Context Pack

Paste this first. It briefs the AI on requirements, constraints, and the Definition of Done before your first build prompt.

Context Pack
PROJECT CONTEXT:
My agent implements a feature, declares success, and half the time the code does not even compile. Claude Code's answer is an adversarial verification agent: a separate, edit-forbidden sub-agent that must build, test, lint, and probe the work, then issue a verdict the implementer cannot influence.

GOAL:
Create a verification agent with read-only constraints, mandatory command evidence, adversarial probes, and a structured verdict that gates the implementer's completion claim.

REQUIREMENTS:
- A verifier agent definition with edit/write tools removed from its pool
- Every check backed by evidence: the command run and the output observed
- At least one adversarial probe per verification (boundaries, concurrency, idempotency)
- A structured verdict: PASS, FAIL, or PARTIAL with itemized findings
- Critical constraints re-injected every turn so long sessions cannot forget them

CONSTRAINTS:
- The verifier must receive the original task description, not the implementer's summary of it
- The implementer never grades its own work - the verdict is the only completion signal

DEFINITION OF DONE:
- The verifier physically cannot edit project files (tool pool verified, not just prompted)
- A deliberately broken implementation receives FAIL with the failing command output quoted
- Verdicts include at least one adversarial probe beyond the happy path
- The main loop treats FAIL/PARTIAL as 'not done' and routes findings back to the implementer

COMMON FAILURES TO AVOID:
- The verifier 'fixes' issues it finds, silently becoming a second implementer
- Checks reported as passed with no command output - verification theater
- Happy-path-only testing that is fooled by the first 80% looking right
- The implementer summarizes the task for the verifier, laundering away the failed requirements

Paste this into your AI builder first. It teaches the AI what you want before you give it the build prompt.

Related routes

More Agent QA & Security flows that share ground with this one.

Flows category icon
Agent QA & Security

Red-Team Your Agent with Adversarial Prompts

Systematically attack your own agent using red-teaming frameworks: vulnerability probes, attack methods, and a repeatable adversarial suite.

01Build a threat-driven probe set
02Arm each probe with attack methods
03Automate execution and score

+1 more steps to Done

Best forproduction-grade builds with strict verification

4 steps120-180 minutesAdvanced
Flows category icon
Agent QA & Security

Audit Trails for Tool Calls

Record an immutable, queryable trail of every action your agent takes - who, what, when, why, and outcome - for security and accountability.

01Define the audit record and scope
02Write records reliably and scrubbed
03Make the trail tamper-evident

+1 more steps to Done

Best forbuilders who have shipped a basic app before

4 steps60-90 minutesIntermediate
Flows category icon
Agent QA & Security

Build a Command Security Pipeline for Your Agent

Replace scattered if-else safety checks with a layered validator pipeline: single-purpose checks, an allow/ask/deny/passthrough contract, and severity-aware ordering.

01Define the contract and pipeline skeleton
02Implement early validators and input hygiene
03Build the main validator chain and hard path constraints

+1 more steps to Done

Best forproduction-grade builds with strict verification

4 steps120-180 minutesAdvanced

Made with Emergent