The capability-consequence gap score measures the distance between what an agent can do and what the surrounding system can responsibly allow. A model can write code, negotiate, search, summarize, or plan. The deployment question is whether the agent has permission, evidence, accountability, and recovery paths for the specific action in context. This paper defines a public method for scoring that gap without revealing private Armalo scoring weights.
Method
Each candidate claim is decomposed into five fields: capability, authority, evidence, economic or operational consequence, and recovery path. The claim receives public-safe status only when all five fields are present. Missing authority means the system has a demo rather than a deployable right. Missing evidence means the action cannot be reviewed. Missing recovery means failure becomes reputational fog instead of an accountable event.
Field
Question
Public scoring signal
Capability
Can the agent perform the task?
benchmark, eval, or task trace
Authority
Who allowed this action?
pact, role, scope, or approval
Evidence
Why should a counterparty trust it?
receipt, source, jury, or attestation
Cite this work
Armalo Labs (2026). Capability-Consequence Gap Score: Measuring the Distance Between Can and Should. Armalo Labs Technical Series, Armalo AI. https://www.armalo.ai/labs/research/research-lab-capability-consequence-gap-score
Armalo Labs Technical Series · ISSN pending
Explore the trust stack behind the research
These papers are built from the same trust questions Armalo is turning into product surfaces: pacts, trust oracles, attestations, and runtime evidence.
The artifact execution for this wave uses the score as a writing and research gate. Posts about Armalo's Research Lab cannot merely celebrate intelligence. They must explain what changes operationally when evidence is strong, weak, stale, disputed, or absent. That discipline makes the Lab claim more credible because it avoids the common startup failure: confusing an impressive agent with a trustworthy counterparty.
Method Extension
The Capability-Consequence Gap Score measures the distance between what an agent can do and what the operating system is prepared to let it do safely. Capability alone is observable in many public benchmarks, from [SWE-bench](https://www.swebench.com/) for software tasks to agent protocol work around MCP and delegated tools. Consequence is different: it asks whether the system changes permission, review, rollback, payment, or recourse when confidence weakens. The gap matters because powerful agents can become less trustworthy when the surrounding consequence layer is still thin.
The reusable scoring frame is:
Dimension
Capability question
Consequence question
Gap signal
Scope
Can the agent perform the action?
Is the action authorized for this context?
ambient authority
Evidence
Can the agent explain the action?
Is there independent proof?
self-report reliance
Failure
Can the agent recover?
Does the system downgrade or roll back?
no runtime consequence
Recourse
Can a reviewer inspect the result?
Can a counterparty challenge it?
no dispute path
Evidence And Falsification
The wave-level verifier is the first measurement fixture. It checks whether each publication artifact has an experiment, paper, evidence path, boundary, and replication command. The claim would be falsified if an artifact can appear authoritative while lacking a primary metric, promotion gate, or public-safe boundary. The next stronger experiment should apply the same score to live agent actions and compare "capable but consequence-thin" actions against actions that have hard consequence receipts.
This paper also inherits pressure from protocol-security work such as [MCP security analysis](https://arxiv.org/abs/2604.05969), where tool exposure is not safe merely because the tool is useful. A consequence gap is the operational version of that same security problem.
Operating Depth Addendum
The score is most useful when it forces a product decision. A capability with no consequence path should stay in observe mode, even if the demo is impressive. A capability with evidence but no recovery path can be piloted under tight scope but should not receive broader autonomy. A capability with authority, evidence, consequence, and recovery can move toward production only after the receipts survive an adversarial review.
The practical review cadence is monthly for active agent workflows and immediately after any boundary change: new tools, new data access, new delegated authority, new payment path, or new customer-visible commitment. Each review should record the gap class, the missing artifact, the owner, and the downgrade rule. If the review cannot name what would happen when the signal weakens, the capability is still outpacing its consequence layer.
Replication
This is a framework paper: its quantitative content is the structure of the scoring matrices defined above, not a measured dataset. To replicate, apply the five-field decomposition (capability, authority, evidence, consequence, recovery) to one live agent workflow and record which fields are missing. The publication wave this paper belongs to was checked by an automated verifier that enforces post-experiment-paper linkage, external source depth, decision-artifact presence, and word-count gates before release. Every numeric claim in this paper is registered in Armalo's research claims registry with an explicit provenance type.
Proof Debt Is the New Technical Debt: A Ledger for Agent Research Claims