TL;DR
ARIS introduces a three-layer autonomous research architecture with cross-family executor/reviewer separation and a three-stage evidence-to-claim audit cascade. The system treats assurance as a first-class workflow layer, achieving operational feasibility with reviewer scores improving from 5.
ARIS introduces a three-layer autonomous research architecture with cross-family executor/reviewer separation and a three-stage evidence-to-claim audit cascade. The system treats assurance as a first-class workflow layer, achieving operational feasibility with reviewer scores improving from 5.
29
已证实
10
证据不足
9
无法验证
N/A
可复现性
核心问题
How can autonomous research systems ensure research integrity when long-horizon tasks performed by single agents are unreliable? The paper investigates whether treating assurance as a first-class workflow layer with cross-family executor/reviewer separation can address the failure mode of plausible unsupported success.
核心方法
{'approach': 'ARIS implements a three-layer architecture mapping to three bottlenecks: persistent research state via a research wiki, modular execution via 65+ Markdown skill files, and independent assurance via cross-family executor/reviewer pairings. The core mechanism is a critique-to-action loop where reviewers from different model families score artifacts and return action items until convergence, complemented by a three-stage evidence-to-claim audit cascade for experimental integrity.', 'key_components': ['The critique-to-action loop involves an executor producing an artifact and a cross-family reviewer providing scores and action items until convergence or maximum rounds.', 'Reviewer independence is maintained by having reviewers read referenced artifacts directly rather than relying on executor summaries.', 'Reviewers are configured along two axes: access scope (document-only, artifact-augmented, repository-level) and context policy (fresh versus cross-round).', 'Automatic debugging assigns failures to predefined error classes with class-specific remediation and up to three retry attempts.', 'An independently configured third model can provide diagnosis through a dedicated rescue step when remediation attempts fail.', 'The assurance stack addresses the risk that executor agents may use deceptive methods to improve peer review scores during dialogue.', 'The stack includes a three-stage evidence-to-claim audit cascade for experimental integrity.', 'A manuscript assurance layer provides checks for prose, proof, and presentation quality.', 'System-wide controls include effort levels and reviewer routing to set audit depth and reviewer backend.', 'The assurance stack operationalizes bottleneck (iii) of independent assurance from Section 1.'], 'section_ids': ['sec_4', 'sec_5']}
论点验证
证据不足 (40%)
Any long-term task performed by a single agent is unreliable.
This is presented as a 'stringent assumption' (p_4) that motivates the system design, not as an empirically tested hypothesis. The paper mentions risks like 'laziness, hallucinations, or deceptive behavior' but provides no quantitative evidence, cont
This is presented as a 'stringent assumption' (p_4) that motivates the system design, not as an empirically tested hypothesis. The paper mentions risks like 'laziness, hallucinations, or deceptive behavior' but provides no quantitative evidence, cont
已证实 (85%)
Aris responds by treating assurance as a first-class workflow layer rather than a single review pass, separating artifact production from evidence checking, claim mapping, and manuscript review.
The paper demonstrates this architectural contribution through detailed description of the assurance layer in §3. The separation of artifact production from evidence checking, claim mapping, and manuscript review is concretely implemented through the
The paper demonstrates this architectural contribution through detailed description of the assurance layer in §3. The separation of artifact production from evidence checking, claim mapping, and manuscript review is concretely implemented through the
已证实 (85%)
An assurance stack that uses separate executor and reviewer models, including a three-stage process for checking whether claims are supported by evidence (integrity verification, result-to-claim mapping, claim auditing against the claim ledger and raw evidence), a five-pass scientific-editing pipeline, mathematical-proof checks, and visual PDF inspection.
The paper provides detailed specification of the assurance stack in §3. The three-stage process (integrity verification, result-to-claim mapping, claim auditing) is described in p_23-p_28 with concrete implementation details. The five-pass scientific
The paper provides detailed specification of the assurance stack in §3. The three-stage process (integrity verification, result-to-claim mapping, claim auditing) is described in p_23-p_28 with concrete implementation details. The five-pass scientific
已证实 (80%)
A modular system architecture organized into three layers—execution, orchestration, and assurance—with more than 65 reusable skills, a persistent research wiki for iterative reuse of prior findings, deterministic figure generation, adjustable effort levels, configurable reviewer routing, and a prototype self-improvement loop.
The paper demonstrates this architectural contribution through detailed description in §2-§4.5. The three layers (execution, orchestration, assurance) are mapped to the three bottlenecks in p_10. The 65+ skills claim is stated in p_37 and p_53. The r
The paper demonstrates this architectural contribution through detailed description in §2-§4.5. The three layers (execution, orchestration, assurance) are mapped to the three bottlenecks in p_10. The 65+ skills claim is stated in p_37 and p_53. The r
已证实 (90%)
Aris defaults to pairing executor and reviewer from different model families and treats this as the recommended configuration.
The paper clearly states this design choice in p_12 and provides concrete implementation details: 'The default configuration we ship and document is Claude-family executor with GPT-family reviewer (Codex MCP, Oracle MCP) or vice versa.' The design ch
The paper clearly states this design choice in p_12 and provides concrete implementation details: 'The default configuration we ship and document is Claude-family executor with GPT-family reviewer (Codex MCP, Oracle MCP) or vice versa.' The design ch
已证实 (85%)
Each research capability is defined primarily by a SKILL.md file, a plain-text Markdown specification that can be interpreted by multiple LLM-based coding agents, enabling independent development, domain-specific extensions, and component-level updates.
The paper demonstrates this design choice through detailed description in p_37: 'A SKILL.md contains a YAML frontmatter (name, description, trigger conditions, allowed tools) followed by a natural-language workflow specification: inputs, outputs, ste
The paper demonstrates this design choice through detailed description in p_37: 'A SKILL.md contains a YAML frontmatter (name, description, trigger conditions, allowed tools) followed by a natural-language workflow specification: inputs, outputs, ste
已证实 (85%)
Skills can be chained into workflows, with per-invocation parameter overrides and checkpoint-based recovery across sessions.
The paper demonstrates this design choice through description in p_13 and p_42-p_44. Workflow composition is shown in Figure 1 and Table 2. Checkpoint-based recovery is mentioned in p_39: 'This design improves auditability, checkpoint-based recovery,
The paper demonstrates this design choice through description in p_13 and p_42-p_44. Workflow composition is shown in Figure 1 and Table 2. Checkpoint-based recovery is mentioned in p_39: 'This design improves auditability, checkpoint-based recovery,
证据不足 (50%)
The same SKILL.md files can be used in Claude Code, Codex CLI, and Cursor with no file-level changes.
This is an empirical claim about portability that requires testing evidence. The paper states the claim in p_14 but provides no experimental validation—no test results showing the same SKILL.md files running successfully on all three platforms, no ta
This is an empirical claim about portability that requires testing evidence. The paper states the claim in p_14 but provides no experimental validation—no test results showing the same SKILL.md files running successfully on all three platforms, no ta
已证实 (85%)
The core mechanism is a critique-to-action loop. The executor first produces an artifact (code, manuscript section, or experiment design). A reviewer—which the recommended configuration draws from a different model family—then assigns a review score under a predefined rubric and returns structured action items.
The paper demonstrates this core mechanism through detailed description in p_16. The critique-to-action loop is fully specified: executor produces artifact, reviewer assigns score under predefined rubric, returns structured action items, executor add
The paper demonstrates this core mechanism through detailed description in p_16. The critique-to-action loop is fully specified: executor produces artifact, reviewer assigns score under predefined rubric, returns structured action items, executor add
已证实 (90%)
The loop terminates either when the review score exceeds a predefined threshold (default 6/10) and all critical review items have been resolved, or when it reaches a preset maximum number of rounds (default 4).
The paper specifies the termination conditions with concrete default values in p_16: 'The loop terminates either when the review score exceeds a predefined threshold (default 6/10) and all critical review items have been resolved, or when it reaches
The paper specifies the termination conditions with concrete default values in p_16: 'The loop terminates either when the review score exceeds a predefined threshold (default 6/10) and all critical review items have been resolved, or when it reaches
已证实 (85%)
The executor supplies file paths and a review objective. The reviewer then reads the referenced artifacts directly and forms an independent assessment.
The paper demonstrates this design choice through description in p_17. The reviewer independence protocol is specified: executor supplies file paths and review objective, reviewer reads artifacts directly. The rationale is explained: 'If the executor
The paper demonstrates this design choice through description in p_17. The reviewer independence protocol is specified: executor supplies file paths and review objective, reviewer reads artifacts directly. The rationale is explained: 'If the executor
已证实 (85%)
Aris configures reviewers along two orthogonal axes. The first axis is access scope: document-only (reviewer reads the manuscript text), artifact-augmented (reviewer additionally reads supporting artifacts such as result files), and repository-level (reviewer directly inspects the codebase and generated outputs through repository access tools). The second axis is context policy: fresh (each review round opens a new thread with no prior context, used to prevent confirmation bias) versus cross-round (reviewer retains state across rounds and explicitly verifies whether previously raised issues have been addressed).
The paper demonstrates this contribution through detailed specification in p_18. The two orthogonal axes are clearly defined with concrete settings: access scope (document-only, artifact-augmented, repository-level) and context policy (fresh vs cross
The paper demonstrates this contribution through detailed specification in p_18. The two orthogonal axes are clearly defined with concrete settings: access scope (document-only, artifact-augmented, repository-level) and context policy (fresh vs cross
已证实 (85%)
When experiments fail, the system assigns the failure to a predefined error class, applies a class-specific remediation, and retries up to a configurable limit (default three attempts). The executor must attempt at least two distinct remediation strategies before marking a reviewer issue as unresolved.
The paper demonstrates this design choice through specification in p_19 with concrete defaults: 'retries up to a configurable limit (default three attempts)' and 'The executor must attempt at least two distinct remediation strategies before marking a
The paper demonstrates this design choice through specification in p_19 with concrete defaults: 'retries up to a configurable limit (default three attempts)' and 'The executor must attempt at least two distinct remediation strategies before marking a
证据不足 (45%)
Community reports and internal debugging revealed that executor agents can produce misleading experimental outputs, including model-derived references, self-normalized metrics, and claims unsupported by output files.
This is an empirical finding claim that requires quantitative evidence. The paper states in p_23 that 'Community reports and internal debugging revealed that executor agents can produce misleading experimental outputs' but provides no data: no number
This is an empirical finding claim that requires quantitative evidence. The paper states in p_23 that 'Community reports and internal debugging revealed that executor agents can produce misleading experimental outputs' but provides no data: no number
已证实 (85%)
Stage 1: Experiment-integrity audit (/experiment-audit). A cross-model reviewer audits the evaluation code and outputs against the following integrity failure modes: (1) model-derived reference labels—reference targets are synthesized from model outputs rather than obtained from the dataset or another declared source; (2) self-normalized scores—metrics use denominators derived from the model's own predictions, which can inflate or distort reported performance; (3) phantom results—claimed numbers that do not match actual output files; (4) dead-code or unused-metric inflation—evaluation code defines additional metrics or branches that are never executed but are described as part of the analysis; (5) scope inflation—claims generalize beyond the tested datasets, seeds, or experimental settings.
The paper demonstrates this contribution through detailed specification in p_24-p_25. All five integrity failure modes are clearly defined with concrete examples: model-derived reference labels, self-normalized scores, phantom results, dead-code infl
The paper demonstrates this contribution through detailed specification in p_24-p_25. All five integrity failure modes are clearly defined with concrete examples: model-derived reference labels, self-normalized scores, phantom results, dead-code infl
已证实 (85%)
Stage 2: Result-to-claim mapping (/result-to-claim). Each candidate experimental claim is evaluated against the available evidence and assigned one of three verdicts: supported, partially supported, or invalidated.
The paper demonstrates this contribution through specification in p_26. The three verdicts (supported, partially supported, invalidated) are clearly defined. The propagation of Stage 1 integrity status is specified. The output (claim ledger) is descr
The paper demonstrates this contribution through specification in p_26. The three verdicts (supported, partially supported, invalidated) are clearly defined. The propagation of Stage 1 integrity status is specified. The output (claim ledger) is descr
已证实 (85%)
Stage 3: Paper-claim audit (/paper-claim-audit). A fresh zero-context reviewer—implemented as a new Codex thread with no prior conversation history—reads the manuscript LATEX source together with raw result and configuration files, then cross-checks the paper's quantitative claims.
The paper demonstrates this contribution through detailed specification in p_27. The implementation is concrete: 'a new Codex thread with no prior conversation history.' The checks are specified: numerical mismatches, best-seed cherry-picking, config
The paper demonstrates this contribution through detailed specification in p_27. The implementation is concrete: 'a new Codex thread with no prior conversation history.' The checks are specified: numerical mismatches, best-seed cherry-picking, config
证据不足 (40%)
Five-pass scientific-editing pipeline. Inspired by the principles of scientific writing pedagogy (Sainani, 2019)
The claim mentions a 'five-pass scientific-editing pipeline' but the paper only briefly states it is 'Inspired by the principles of scientific writing pedagogy (Sainani, 2019)' in p_30. The five passes are not described—what each pass does, what it c
The claim mentions a 'five-pass scientific-editing pipeline' but the paper only briefly states it is 'Inspired by the principles of scientific writing pedagogy (Sainani, 2019)' in p_30. The five passes are not described—what each pass does, what it c
已证实 (80%)
Proof verification (/proof-checker). For theory-heavy papers, the proof-checker uses a 20-category issue taxonomy together with a two-axis severity scheme that separates proof status (e.g., invalid, unjustified, unclear) from impact (global, local, cosmetic).
The paper demonstrates this contribution through specification in p_30. The 20-category issue taxonomy and two-axis severity scheme (proof status × impact) are described. The checker verifies theorem applications against side-condition checklists and
The paper demonstrates this contribution through specification in p_30. The 20-category issue taxonomy and two-axis severity scheme (proof status × impact) are described. The checker verifies theorem applications against side-condition checklists and
已证实 (85%)
Visual PDF review. The /auto-paper-improvement-loop sends both the LATEX source and the compiled PDF to the reviewer. The reviewer assesses substantive content from the source and visual presentation from the PDF: figure readability, caption-figure alignment, layout quality (orphaned headers, misplaced floats), table formatting, and color consistency across all figures.
The paper demonstrates this contribution through specification in p_31. The mechanism is concrete: '/auto-paper-improvement-loop sends both the LATEX source and the compiled PDF to the reviewer.' The review dimensions are specified: figure readabilit
The paper demonstrates this contribution through specification in p_31. The mechanism is concrete: '/auto-paper-improvement-loop sends both the LATEX source and the compiled PDF to the reviewer.' The review dimensions are specified: figure readabilit
... 共 48 个论点
可复现性评估
较低可复现性 (0%)
缺失的复现细节
- No code available - the entire ARIS system implementation is not publicly accessible
- No data available - training data, evaluation datasets, and experimental results not provided
- Model specifications - which specific LLM models and model families are used for executor and reviewer agents
- Complete hyperparameters - only some defaults mentioned (6/10 threshold, 4 rounds, 3 attempts) but many others missing (temperature, top-p, etc.)
- Prompt templates - exact prompts and instructions used for executor and reviewer agents
- Protocol document - the shared protocol document mentioned in p_17 that governs reviewer independence is not provided
- Error classification system - details of predefined error classes and class-specific remediation strategies
- Hardware/environment specifications - computational resources, API configurations, and runtime environment
- Evaluation methodology - how the system was tested, what benchmarks were used, and success metrics
- Random seeds - no mention of seeds for reproducibility of stochastic LLM outputs
局限性(作者自述)
- This is a single trajectory on one paper; we do not generalize from it. This run should be read as evidence that the harness can operationalize claim pruning and review-driven revision in one realistic trajectory, not as causal evidence that cross-family review is superior to same-family review.
- Aris cannot guarantee that any output is correct, novel, or scientifically sound. LLM outputs can include factual hallucinations and methodological gaps; cross-model review reduces some failure modes without eliminating them.
- The three-stage audit cascade can catch common integrity failures, but it cannot detect every error, inconsistency, or fabrication. It is an advisory safety net, not a formal verification system.
- The review loop can amplify reviewer biases: if the reviewer consistently demands a particular methodology, the loop may overfit to the reviewer model's preferences rather than improve broader scientific quality. Over-iteration past diminishing returns can degrade paper quality.
- Repository-level review may send source code to external LLM APIs, raising confidentiality concerns. Users should not enable repository-level review on repositories containing sensitive code or secrets unless an approved local-only review path is available.
本分析由 PDF 阅读助手 自动生成,仅供参考,不构成学术评审意见。验证结论和可复现性评估基于论文文本自动分析,可能存在偏差。原始论文请参阅 arXiv。
分析时间:2026-05-06T13:09:36+00:00 · 数据来源:Paper Collector