How AgentSkeptic verifies reality

The problem

The agent said "done."

The trace turned green.

The graph finished.

But the customer record may still be missing, the ledger may be wrong, the vector may be stale, or the ticket may never have updated.

Stored data is the source of truth.

How read-only verification works

The verification gate

One read-only gate turns agent claims into stored-state evidence:

1. Emit structured tool activity for the actions and side effects you care about.
2. Map tool IDs to real stores in a lightweight `tools.json` registry.
3. Run verification against read-only registry targets (SQL and configured HTTP, object storage, vector, or Mongo checks).
4. Get a structured Outcome Certificate with trust and remediation fields.

The check happens at verification time, against stored state — not from trace color.

Terminal proof: same claim, different reality

The bundled `wf_complete` and `wf_missing` examples run through the same verification engine your own workflows use.

Success: wf_complete

### Success (`wf_complete`) — canonical `agentskeptic check`

stderr (first lines): truth_check_verdict: trusted, then release_critical_truth_check_verdict: trusted
stdout (Outcome Certificate excerpt): {"schemaVersion":3,"workflowId":"wf_complete","runKind":"contract_sql","stateRelation":"matches_expectations"}

Failure: wf_missing — ROW_ABSENT

stderr (first line): truth_check_verdict: not_trusted
Human report then explains ROW_ABSENT (missing downstream row vs registry expectation).
stdout (Outcome Certificate excerpt): {"schemaVersion":3,"workflowId":"wf_missing","runKind":"contract_sql","stateRelation":"does_not_match"}

Optional coverage budgets: when configured (`--coverage-budget` or `agentskeptic/coverage-budget.json` beside `--project`), stderr adds `coverage_budget_verdict:` and `coverage_budget_detail:` after the two truth lines — see docs/integrate.md § Optional coverage budgets.

See proof, then verify