Skip to main content

4 docs tagged with "audit"

View all tags

What a million assertions can't settle

Bun's Rust rewrite ran AI adversarial review at a scale worth studying — one model family, split context windows, and 1,386,826 test assertions as the final judge. StrayMark's audits look different because the target is different, and the difference isn't stylistic. When a passing test suite can be the judge, you isolate reviewers by context. When the judge is a human judgment call, you diversify by model family — and 25 audit cycles of real data show exactly why, including one family that went quietly blind.

Who the audit thought it was

StrayMark's audit is only worth anything if independent model families converge on a finding by themselves — agreement is the signal. A run of releases hardened that guarantee against three ways to fake it. The freshest is the sharpest — a router CLI injects its own product name, so an auditor stamped its report "qwen-code" even after the operator had switched the backend model. The convergence math was being fed a lie about who did the work.