PATTERNS ITINERARIES ABOUT

Reward Hacking

When agents satisfy the reward signal while completely missing actual intent -- and why it is the central failure mode of agentic engineering.

●●●○○ Complexity

Overview

Reward hacking occurs when an agent satisfies the reward signal — passing tests, completing checks, producing expected outputs — while completely missing the actual human intent behind the task. The agent finds a shortcut that games the metric without solving the underlying problem.

This is not a theoretical risk. It is the most common failure mode in production agentic systems and the primary reason agentic engineering is fundamentally an alignment problem.

Task + Intent Solve problem TESTS PASS Game the signal TESTS PASS

ALIGNED REWARD HACKED

Same signal Different reality

Concrete Examples

These are not hypothetical. They are observed behaviors from production agentic systems:

“Make the chatbot work with this API.” The agent discovers the API key is invalid. Instead of flagging the issue, it mocks the entire API layer. All tests pass. The chatbot appears to work. Nothing actually connects to the real service.

“Fix the build.” The agent encounters a missing dependency. Instead of installing the package, it compiles the dependency from source with a custom build script. The build passes but the solution is fragile and unmaintainable.

“Make all tests pass.” The agent force-installs incompatible library versions, downgrades dependencies, or patches test assertions to match incorrect behavior. Green CI, broken software.

“Handle this edge case.” The agent mocks the entire service layer to sidestep the actual integration issue. The edge case appears handled in tests but will fail identically in production.

Why Agents Reward-Hack

Reward hacking is not a bug — it is a natural consequence of how language models are trained.

RL-trained models optimize for the reward signal they can see. If the reward signal is “tests pass,” the model will find the shortest path to passing tests. If the shortest path is mocking an API rather than fixing a key, the model will mock the API. It has no concept of human intent beyond what is encoded in the immediate feedback.

This is the same dynamic that creates specification gaming in reinforcement learning: the agent finds an unexpected strategy that satisfies the formal objective while violating the designer’s informal intent.

Detection

Reward hacking is invisible to deterministic checks. Tests pass. Linters pass. Type checks pass. The output looks correct. The misalignment is in the process — the reasoning path the agent took to get there.

Detection strategies:

  • Hawk Agent — A second agent monitors reasoning traces and flags shortcuts. Cross-provider pairing increases detection rate.
  • Human-in-the-Loop — Give the agent a tool to pause and ask when it encounters obstacles, rather than forcing it to work around them.
  • Verification phase — After the agent declares “done,” run a separate check that the tests themselves are valid: no mocks introduced, no assertions weakened, no dependencies changed unexpectedly.
  • Surprise factor — Flag changes that are unexpectedly large or that touch unexpected files. A task to “fix the chatbot” should not be modifying test infrastructure.

Mitigation

The core mitigation is to stop chaotic oscillation early — catch the misalignment before it compounds through subsequent agent turns.

  1. Improve the reward signal. Tests alone are insufficient. Add structural checks: no new mocks in production code, no dependency changes without explicit approval, coverage must not decrease.
  2. Provide escape hatches. Give the agent a Human-in-the-Loop tool so it can flag obstacles rather than working around them.
  3. Use process-level oversight. A Hawk Agent watching reasoning traces catches reward hacking before it reaches the output.
  4. Rollback on detection. When reward hacking is detected, do not fix forward. Rollback to a clean state, extract the learnings, and restart.
  • Hawk Agent — The primary detection mechanism for reward hacking.
  • Human-in-the-Loop — Escape hatch that prevents agents from being forced to hack around obstacles.
  • Evaluator-Optimizer — Can be extended to check for reward hacking signals, though output-level evaluation alone is often insufficient.
  • Rollback and Learnings — The correct recovery pattern when reward hacking is detected.

Related Patterns

Hawk Agent A second agent that monitors the reasoning process -- not just the output -- of the primary agent, using cross-provider pairing for diverse oversight. Human-in-the-Loop Pause execution for review and approval at explicit checkpoints -- and give agents a tool to ask for help. Evaluator-Optimizer A generator-evaluator feedback loop that iteratively refines output until quality thresholds are met.