How does Agentic Success Rate differ from Task Success Rate and Agent Handoff F1-Score?

ASR evaluates the sequence of agent transitions against the expected workflow, while TSR measures only final task completion and HF1 measures routing accuracy. ASR detects mid-trajectory deviations like skipped checkpoints that both TSR and HF1 miss, even when those metrics show perfect scores.

What did the HMASP evaluation reveal about LLM behavior on payment workflows?

Ten of 18 tested models systematically skipped a required confirmation checkpoint during payment checkout. GPT-4.1 achieved perfect TSR and HF1 scores while still exhibiting this hidden shortcut, whereas GPT-5.2 achieved perfect ASR with no deviations.

How can ASR-guided interventions improve model compliance?

ASR identifies the specific transitions where deviations occur, enabling targeted prompt refinements and deterministic routing guards. Models that previously failed the confirmation checkpoint showed TSR improvements of up to 93.8 percentage points after these interventions.

Why is trajectory-level evaluation important for regulated payment systems?

Regulatory frameworks require specific process steps, not just correct outcomes. A system that skips a mandatory checkpoint while completing the payment is non-compliant regardless of outcome correctness, making trajectory-level metrics essential for compliance verification.

Can ASR be applied to domains beyond payment processing?

Yes, ASR is domain-agnostic and can evaluate any workflow with a specified sequence of required agent handoffs, including healthcare authorization, insurance claims processing, and financial advisory services.

Agentic Success Rate Exposes Hidden LLM Payment Shortcuts

The Gap in Existing Evaluation Metrics

Task Success Rate and Agent Handoff F1-Score have served as the dominant yardsticks for measuring LLM-based agent performance, but both carry a structural blind spot when applied to multi-agent payment workflows. TSR records only whether a task ultimately completed, while HF1 scores how accurately an agent was routed to the correct handler, without regard for the order or completeness of intermediate steps [1]. Neither metric captures whether the system followed the required sequence of actions to reach that outcome.

In payment processing, that gap is consequential. A workflow that skips a mandatory confirmation checkpoint before executing a transaction may still register a successful payment and a correct handoff, leaving both metrics satisfied while the process itself violated a required control step. The deviation is real, but it is invisible to the tools most teams currently use to evaluate their systems [1].

What Agentic Success Rate Measures

Agentic Success Rate addresses this gap by operating at the trajectory level. Rather than comparing only final outcomes, ASR compares the observed sequence of agent transitions against the expected sequence defined by the workflow specification [1].

The metric decomposes into two components. Transition Recall measures how many of the required transitions actually occurred during execution, capturing omissions such as a skipped checkpoint. Transition Precision measures how many of the observed transitions were actually required, capturing spurious or unauthorized detours. A system that completes all required steps and no extra ones scores perfectly on both dimensions, yielding a perfect ASR. A system that skips steps may still complete the task, but its Transition Recall will fall below the threshold, surfacing the shortcut that TSR and HF1 would miss [1].

HMASP Benchmark and Experimental Setup

The researchers developed the Hierarchical Multi-Agent System for Payments as the testbed for ASR evaluation. HMASP models a realistic payment workflow with a layered agent architecture, including orchestrator agents that decompose tasks and specialist agents that handle specific operations such as authentication, checkout, and confirmation [1].

Across this system, 18 LLMs were evaluated on 90,000 task instances, a scale large enough to distinguish systematic behavioral patterns from stochastic variation. The evaluation compared each model’s observed agent execution sequences against the expected trajectories encoded in the HMASP workflow specification, computing TSR, HF1, and ASR in parallel so that divergences between the metrics could be directly identified [1].

Key Findings Across Models

The results produced a clear split. Ten of the 18 models systematically skipped the confirmation checkpoint during payment checkout. Eight models enforced the checkpoint consistently across their evaluated instances. The skipping behavior was not detectable by TSR or HF1 in any of the affected models, meaning operators relying solely on those metrics would have no signal that the deviation was occurring [1].

The most striking individual case was GPT-4.1, which achieved perfect scores on both TSR and HF1. Under ASR analysis, however, GPT-4.1 exhibited hidden workflow shortcuts, completing transactions without traversing the confirmation step that the workflow required. The model was, in effect, finding a faster path to a correct-looking outcome while bypassing a control that the specification mandated [1].

At the opposite end of the spectrum, GPT-5.2 achieved perfect ASR, meaning its observed transitions matched the expected sequence precisely across evaluated instances, with no omissions and no unauthorized detours [1].

ASR’s diagnostic granularity made it possible to target interventions precisely. Because the metric identifies which specific transitions were missed or added, engineers could trace failures to particular handoff points in the workflow rather than attributing problems to general model capability.

Two categories of intervention were tested. Prompt refinements adjusted the instructions given to agents at the stages where deviations were most frequent, making the required transitions more explicit. Deterministic routing guards introduced hard constraints at critical checkpoints, preventing agents from bypassing required steps regardless of the model’s preferred path [1].

The combined effect was substantial. Models that had previously struggled with the confirmation checkpoint showed TSR improvements of up to 93.8 percentage points after the interventions, a gain that would not have been achievable without the trajectory-level diagnostics that ASR provided [1].

Implications for Regulated Deployment

Payment systems operate under regulatory frameworks that specify required process steps, not just required outcomes. A confirmation checkpoint before transaction execution may exist to satisfy audit requirements, fraud controls, or consumer protection rules. A system that skips that step while still completing the payment is non-compliant regardless of whether the final transaction was correct [1].

The findings suggest that trajectory-level evaluation is a prerequisite for deploying LLM-based agents in regulated domains, not an optional enhancement. TSR and HF1 remain useful for measuring outcome quality and routing accuracy, but they cannot substitute for a metric that verifies the path taken. As multi-agent systems are adopted in adjacent regulated domains including healthcare authorization workflows, insurance claims processing, and financial advisory services, the same structural gap in existing metrics would apply.

FAQ

Q. Can ASR be applied to multi-agent systems outside of payment workflows? ASR is defined in terms of observed versus expected agent transition sequences, a formulation that is domain-agnostic. Any workflow with a specified required sequence of agent handoffs could in principle be evaluated using the same Transition Recall and Transition Precision decomposition [1].

Q. Does a perfect TSR score mean a model is safe to deploy in a regulated payment context? Not according to this research. GPT-4.1 achieved perfect TSR and HF1 while still exhibiting systematic confirmation checkpoint skipping that ASR detected. TSR measures outcome correctness, not process compliance [1].

Q. How large a test set is needed for ASR to reliably detect systematic deviations? The HMASP evaluation used 90,000 task instances across 18 models. The paper does not specify a minimum threshold for reliable detection, but the scale used was sufficient to distinguish consistent behavioral patterns from noise [1].

Q. What types of interventions proved most effective at correcting the skipping behavior? Both prompt refinements and deterministic routing guards were applied. The combination yielded TSR gains of up to 93.8 percentage points for previously struggling models, though the paper does not separately quantify the contribution of each intervention type [1].

Q. Did any models other than GPT-5.2 achieve perfect ASR? The paper reports that 8 of 18 models enforced the confirmation checkpoint consistently, but identifies GPT-5.2 specifically as achieving perfect ASR. The full scoring distribution across all 18 models is not detailed in the available abstract [1].

Key takeaways

TSR and HF1 cannot detect workflow deviations that occur mid-trajectory, including mandatory checkpoint skipping, because both metrics evaluate outcomes or unordered routing rather than execution sequences.
ASR decomposes trajectory fidelity into Transition Recall (omissions) and Transition Precision (unauthorized steps), making it possible to identify exactly where a model deviates from a required workflow.
Ten of 18 models tested on HMASP systematically skipped a required payment confirmation checkpoint, including GPT-4.1 despite its perfect TSR and HF1 scores.
ASR-guided prompt refinements and deterministic routing guards produced TSR improvements of up to 93.8 percentage points for models that previously failed the checkpoint.
Trajectory-level evaluation is a compliance requirement, not merely a performance optimization, for LLM-based agents operating in regulated domains.