LLM Evals: Correctness vs Usefulness vs Safety
A chatbot hallucinating a date is a minor annoyance. A coding agent hallucinating a method call is a broken build or a production incident (and believe me, your on-call engineer will not be amused). We need to stop obsessing over generic benchmarks and start focusing on whether the artifact survives contact with the compiler.
For anyone building a real-world AI workflow or an LLM agent, you have to measure three distinct axes. If you're only measuring one, you're flying blind.
The Three-Axis Framework
rm -rf happens in a production environment. For dev tools, safety isn't about "avoiding offensive language"—it's about blast radius. Did the agent execute a destructive command? Did it scrape a README that contained a prompt injection that hijacked the session? Why Dev Tools are Different
Generic LLM advice focuses on "vibes" or LLM-as-a-judge scoring. In the dev world, we have something better: the build pipeline. A diff either applies or it doesn't. A test is either green or red.
The danger is that failure modes in developer tools are sharper. A silent failure—like an agent using a deprecated API that still happens to compile but fails at runtime—is far worse than a chatbot giving a slightly wrong summary.
If you're building a deployment pipeline or a coding assistant, your eval suite needs to move beyond "does this look right" to "does this actually work in the environment." Stop trusting the "Verified" scores on a leaderboard and start building a local test suite that treats LLM outputs as untrusted code.
1. Compliance overhead usually kills agility.
2. We need a streamlined workflow to map EU AI Act requirements to our product roadmap without stalling the dev team.
How are you guys balancing governance with speed?