PRISM

How risky is the code your AI just wrote?

CI/CD pipelines treat all AI-generated code equally — a one-line docstring edit and a 500-line autonomous refactor get the same review process. PRISM quantifies risk from VIBES audit signals, so your pipeline can tell the difference.

Built on VIBES audit data · Attested via VERIFY · Feeds EVOLVE learning

Why This Matters

AI-generated code is flooding into production at a pace human reviewers cannot match. But not all AI-generated code carries the same risk. A model adding a docstring is fundamentally different from a model autonomously creating an authentication handler — yet most teams have no way to distinguish between them at review time.

Without quantified risk:

VIBES already captures the signals that risk assessment needs — action types, scope, assurance levels, review status, temperature. PRISM defines how to combine those signals into a single quantified score that your CI/CD pipeline can act on.

What is PRISM?

PRISM (Provenance & Risk Intelligence Scoring Model) is a standalone risk scoring extension built on VIBES audit data. Every annotation in a VIBES audit trail carries contextual signals — what kind of action was taken, how large the change was, what assurance level was configured versus what was actually recorded, whether human review occurred. PRISM combines these signals into a single 0.0–1.0 score.

PRISM is a framework, not a fixed formula. The reference algorithm below uses a weighted average, but implementors are free to substitute their own scoring models as long as the output conforms to the 0.0–1.0 range and the risk_factors array provides transparency into which signals drove the score.

PRISM integrates with VERIFY for attested risk scores and with EVOLVE for agent learning feedback — but operates independently as its own extension.

Severity Bands

PRISM scores map to four severity bands, each with a recommended action for CI/CD pipeline integration.

Band     | Range       | Meaning                                                      | Recommended Action
---------|-------------|--------------------------------------------------------------|---------------------------------------
Low      | 0.00 – 0.29 | Routine change with minimal risk signals                     | Auto-merge permitted
Medium   | 0.30 – 0.59 | Moderate risk — larger scope or assurance gap                | Flag for review; require approval
High     | 0.60 – 0.79 | Significant risk — complex change or missing review          | Block merge; require senior review
Critical | 0.80 – 1.00 | Extreme risk — large unreviewed creation at high temperature | Block merge; escalate to security team

PRISM Signal Vocabulary

The following signals are available for PRISM computation. Each signal produces a normalized 0.0–1.0 value and carries an implementor-defined weight.

Reference Algorithm

The reference PRISM computation is a weighted average of available signals. Implementors may substitute any scoring model as long as the output conforms to the 0.0–1.0 range and provides a transparent risk_factors array.

// Reference: weighted-average PRISM computation
PRISM = Σ(signal_value × signal_weight) / Σ(signal_weight)

// Example with three signals:
//   action_type   = 0.6  (create → high)    weight = 0.15
//   scope_lines   = 0.35 (moderate change)  weight = 0.15
//   assurance_gap = 0.5  (medium gap)       weight = 0.10
//
// PRISM = (0.6×0.15 + 0.35×0.15 + 0.5×0.10) / (0.15 + 0.15 + 0.10)
//       = (0.09 + 0.0525 + 0.05) / 0.40
//       = 0.48 → Medium severity band

Storage Format

PRISM data is stored directly on VIBES annotation records using two optional fields: risk_score (the computed 0.0–1.0 value) and risk_factors (an array of signal assessments providing transparency into the score).

// risk_score and risk_factors on a VIBES annotation record
{
  "type": "line",
  "file_path": "src/routes/auth.py",
  "line_start": 1,
  "line_end": 45,
  "action": "create",
  "assurance_level": "medium",
  "risk_score": 0.42,
  "risk_factors": [
    {"signal": "action_type",   "value": 0.6,  "weight": 0.15},
    {"signal": "scope_lines",   "value": 0.35, "weight": 0.15},
    {"signal": "assurance_gap", "value": 0.5,  "weight": 0.10}
  ]
}
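The reference weighted average and the storage format together, as an added Python example (not code from the PRISM page or the vibecheck project): it computes the score from a risk_factors array, maps it to a severity band, and attaches both fields to an annotation record. The three signal values, the weights and the band boundaries are the page's; the helper names (prism_score, severity_band, annotate) are assumptions, and the empty-signal handling (return None rather than a misleading 0.0) is a design choice of this example. Over the page's three signals the reference formula yields 0.48, as in the worked computation above.

```python
"""Reference PRISM scoring plus risk_score/risk_factors storage.

Added example, not the PRISM page's or the vibecheck project's own code.
Signal values, weights and band boundaries come from the page; function
names are assumptions.
"""
from __future__ import annotations

import json

# Lower bound of each severity band (page values); anything below 0.30 is "low".
BAND_FLOORS = [(0.80, "critical"), (0.60, "high"), (0.30, "medium")]


def severity_band(score: float) -> str:
    """Map a 0.0-1.0 PRISM score to its severity band."""
    for floor, name in BAND_FLOORS:
        if score >= floor:
            return name
    return "low"


def prism_score(factors: list[dict]) -> float | None:
    """Weighted average sum(value*weight) / sum(weight) over the supplied signals.

    Returns None when there is no weighted signal data, so a caller can tell
    'nothing to score' apart from a genuine low score of 0.0.
    """
    for f in factors:
        if not 0.0 <= f["value"] <= 1.0 or f["weight"] < 0:
            raise ValueError(f"signal out of range: {f}")
    weight_sum = sum(f["weight"] for f in factors)
    if weight_sum <= 0:
        return None
    score = sum(f["value"] * f["weight"] for f in factors) / weight_sum
    return round(min(max(score, 0.0), 1.0), 2)  # clamp to the 0.0-1.0 contract


def annotate(record: dict, factors: list[dict]) -> dict:
    """Return a copy of a VIBES annotation with risk_score and risk_factors set.

    An annotation with no signal data is returned without either field, so a
    downstream gate can see it was never scored rather than scored as safe.
    """
    out = dict(record)
    score = prism_score(factors)
    if score is None:
        out.pop("risk_score", None)
        out.pop("risk_factors", None)
        return out
    out["risk_score"] = score
    out["risk_factors"] = [dict(f) for f in factors]  # transparency: what drove the score
    return out


# Constructed sample: the page's three-signal example on the page's sample record.
EXAMPLE_FACTORS = [
    {"signal": "action_type", "value": 0.6, "weight": 0.15},
    {"signal": "scope_lines", "value": 0.35, "weight": 0.15},
    {"signal": "assurance_gap", "value": 0.5, "weight": 0.10},
]
EXAMPLE_RECORD = {
    "type": "line",
    "file_path": "src/routes/auth.py",
    "line_start": 1,
    "line_end": 45,
    "action": "create",
    "assurance_level": "medium",
}

if __name__ == "__main__":
    scored = annotate(EXAMPLE_RECORD, EXAMPLE_FACTORS)
    print(json.dumps(scored, indent=2))
    print("band:", severity_band(scored["risk_score"]))  # medium
```

Because risk_factors is stored alongside the score, a reviewer or an auditor can recompute the score from the record and confirm the stored value, which is what makes a later VERIFY attestation of the record meaningful.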

Risk-Based CI/CD Gating

PRISM scores are most powerful when they drive automated pipeline decisions. Rather than treating every AI-generated change identically, teams can set thresholds that gate merges based on quantified risk — low-risk changes flow through automatically while high-risk changes require human review.

The vibecheck CLI provides built-in commands for PRISM evaluation. Run these in your CI pipeline to enforce risk-based gating without custom scripting.

Pipeline Integration Steps

Compute risk scores

Run vibecheck risk in your project directory. This scans the .ai-audit/annotations.jsonl file, computes PRISM scores for every annotation that has signal data, and outputs a summary with per-file scores and an aggregate project score.

Set a threshold for CI

Use vibecheck risk --threshold 0.6 --ci to fail the pipeline if any annotation exceeds the threshold. The --ci flag sets the exit code to non-zero on threshold violation, making it compatible with any CI system that checks exit codes.

Inject PR summaries

Use vibecheck risk --format json to produce machine-readable output. Pipe this into your PR bot or GitHub Action to post a risk summary comment on every pull request, giving reviewers immediate visibility into which files carry elevated risk.

Block critical merges

For high-stakes repositories, set a hard gate: vibecheck risk --threshold 0.8 --ci --fail-on critical. Any annotation in the Critical band (PRISM ≥ 0.80) blocks the merge and triggers an escalation notification to the security team.

Example: Pre-Merge Gate

A minimal GitHub Actions step that blocks merges where any annotation exceeds the High severity threshold:

# .github/workflows/vibecheck.yml
- name: PRISM Risk Gate
  run: |
    vibecheck risk --threshold 0.6 --ci
  env:
    CI: true

JSON Output Format

The --format json flag produces structured output suitable for dashboards, PR bots, and downstream analysis tools.

// vibecheck risk --format json
{
  "project_score": 0.38,
  "band": "medium",
  "threshold": 0.6,
  "pass": true,
  "files": [
    {
      "path": "src/routes/auth.py",
      "score": 0.42,
      "band": "medium",
      "annotations": 3
    },
    {
      "path": "src/models/user.py",
      "score": 0.18,
      "band": "low",
      "annotations": 1
    }
  ],
  "summary": "2 files scored, 0 above threshold"
}
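The pipeline integration steps above (compute, threshold, JSON summary, hard gate on the Critical band) and this JSON output format, as one added Python example that stands in for `vibecheck risk --threshold T --ci --fail-on critical --format json`. This is not the vibecheck CLI's own code: it reads annotation records that already carry risk_score (the Storage Format section), skips records without one, and emits a report in the shape shown above. Two aggregation rules are assumptions, since the page does not define them: a file's score is the maximum over its annotations (the riskiest change gates the file), and the project score is the mean over all scored annotations. The sample annotations are constructed.

```python
"""Risk gate over VIBES annotations, in the shape of
`vibecheck risk --threshold T --ci [--fail-on critical] --format json`.

Added example, not the vibecheck CLI's own code. Records are assumed to
already carry risk_score. Aggregation rules (file = max of its annotations,
project = mean of all scored annotations) are assumptions.
"""
from __future__ import annotations

import argparse
import json
import sys

# Lower bound of each severity band (page values); anything below 0.30 is "low".
BAND_FLOORS = [(0.80, "critical"), (0.60, "high"), (0.30, "medium")]


def severity_band(score: float) -> str:
    for floor, name in BAND_FLOORS:
        if score >= floor:
            return name
    return "low"


def evaluate(lines, threshold: float, fail_on: str | None = None) -> dict:
    """Build the JSON report for a stream of annotation records (JSON lines).

    'pass' is False when any annotation strictly exceeds the threshold, or when
    fail_on names a band that any single annotation reaches (the hard gate).
    """
    per_file: dict[str, list[float]] = {}
    for raw in lines:
        raw = raw.strip()
        if not raw:
            continue
        rec = json.loads(raw)
        if "risk_score" not in rec:
            continue  # no signal data on this annotation: nothing to gate on
        per_file.setdefault(rec["file_path"], []).append(float(rec["risk_score"]))

    files, all_scores, files_above = [], [], 0
    for path, scores in per_file.items():
        file_score = round(max(scores), 2)  # assumption: worst annotation gates the file
        files.append({"path": path, "score": file_score,
                      "band": severity_band(file_score), "annotations": len(scores)})
        if any(s > threshold for s in scores):
            files_above += 1
        all_scores.extend(scores)

    exceeded = any(s > threshold for s in all_scores)
    band_hit = fail_on is not None and any(severity_band(s) == fail_on for s in all_scores)
    project = round(sum(all_scores) / len(all_scores), 2) if all_scores else 0.0
    return {
        "project_score": project,
        "band": severity_band(project),
        "threshold": threshold,
        "pass": not (exceeded or band_hit),
        "files": files,
        "summary": f"{len(files)} files scored, {files_above} above threshold",
    }


def ci_exit_code(report: dict) -> int:
    """--ci semantics: non-zero exit on a violation so any CI system can gate on it."""
    return 0 if report["pass"] else 1


# Constructed sample annotations (not real audit data); the last one carries no PRISM fields.
SAMPLE_ANNOTATIONS = [
    '{"type": "line", "file_path": "src/routes/auth.py", "action": "create", "risk_score": 0.42}',
    '{"type": "line", "file_path": "src/routes/auth.py", "risk_score": 0.34}',
    '{"type": "line", "file_path": "src/routes/auth.py", "risk_score": 0.26}',
    '{"type": "line", "file_path": "src/models/user.py", "risk_score": 0.18}',
    '{"type": "line", "file_path": "README.md"}',
]


def main(argv=None) -> int:
    p = argparse.ArgumentParser(description="PRISM risk gate (added example)")
    p.add_argument("annotations", nargs="?", help="annotations.jsonl; sample data if omitted")
    p.add_argument("--threshold", type=float, default=0.6)
    p.add_argument("--fail-on", choices=["critical"], default=None)
    p.add_argument("--ci", action="store_true", help="exit non-zero on a violation")
    p.add_argument("--format", choices=["json"], default="json")
    a = p.parse_args(argv)
    if a.annotations:
        with open(a.annotations, encoding="utf-8") as fh:
            lines = fh.readlines()
    else:
        lines = SAMPLE_ANNOTATIONS
    report = evaluate(lines, a.threshold, a.fail_on)
    print(json.dumps(report, indent=2))
    return ci_exit_code(report) if a.ci else 0


if __name__ == "__main__":
    sys.exit(main())
```

Run it as `python prism_gate.py .ai-audit/annotations.jsonl --threshold 0.6 --ci` (file name is this example's) to get the pass/fail exit code, or without a path to see the report for the constructed sample. Note that the threshold check is per annotation, not per file: a file whose maximum is under the threshold cannot hide a single annotation above it, and --fail-on critical trips on one Critical annotation regardless of the threshold.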

Related Standards

PRISM is one of four complementary standards in the VIBES ecosystem.

PRISM computes risk scores from VIBES audit data. Risk scores can be cryptographically attested via VERIFY, and feed into EVOLVE agent learning pipelines as quantitative signal.
