OpenAI says 30% of SWE-Bench Pro is broken. We saw it first.

The same flaw is hiding in your own backlog, at a higher rate. Here's why graded scoring catches what pass/fail testing misses.

Minimal red illustration of a park bench beneath a floating software-code icon connected by dotted lines to an enlarged circular plus symbol.

OpenAI says 30% of SWE-Bench Pro is broken. We saw it first.

The same flaw is hiding in your own backlog, at a higher rate. Here's why graded scoring catches what pass/fail testing misses.

Minimal red illustration of a park bench beneath a floating software-code icon connected by dotted lines to an enlarged circular plus symbol.
Chapters

OpenAI says 30% of SWE-Bench Pro is broken. Our LLM judge had already flagged the evidence.

Last week, OpenAI published an audit of SWE-Bench Pro, a popular AI coding benchmark, and estimated that roughly 30% of its tasks are broken—most often because the hidden tests are stricter than the task actually asks. 

We read that post with particular interest, because a few weeks earlier, while validating our own execution-free judge against that same benchmark, we had hit a cluster of cases we couldn’t explain away: patches our judge scored highly that the benchmark’s tests failed. 

We treated every one of those disagreements as our error and investigated them as such. Some of them were. But one recurring pattern wasn't: functionally valid patches that solved the task in a different way than the official fix. The tests, written for that one implementation, rejected them anyway.

OpenAI’s audit now gives that pattern a name and a base rate. This post is about what a graded, execution-free score sees that a binary test verdict structurally cannot, and why disagreement between two metrics is sometimes the most useful data you have.

Why should you care? Because choosing the best AI model has become a budget decision in addition to a technical one—and benchmark numbers are often the default evidence for these decisions. Which model to route your team’s coding work to, whether the expensive frontier model earns its premium, whether “agents improved 3x this year” is capability or noise—all those decisions sit downstream of scores like SWE-Bench Pro’s. So, can you trust it? Read on.

We were auditing ourselves, not the benchmark

A quick recap for new readers: Our evaluation framework replays a company’s real engineering history, where tests usually can’t run. So instead of executing code, we build a per-task rubric (a weighted checklist of criteria grounded in the actual repository), and then a blinded LLM judge scores each candidate patch against it. The score is graded, 0 to 1, not pass/fail. 

Part of our evaluation framework involves validating against public benchmarks where ground truth exists. We ran our judge over a subset of roughly 100 SWE-Bench Pro tasks, each with multiple alternative patches from different models, several hundred patches altogether. The point of this validation is to find our own mistakes. 

The most suspicious pattern a judge can show is leniency: scoring patches highly that the test harness says failed. Every one of those is a potential false positive. So we did what you should do with a suspicious metric: we pulled the lenient cases and categorized them one by one to investigate further.

Rubric Scores of all 509 patches for the 152 disagreement cases, split by the benchmark’s test verdict. The red patches above the green dashed line (the passing-class average) are the 152 disagreements we investigated one by one

Reading 152 disagreements, one by one

Here’s how we did the reading. We took all 152 disagreement cases—every patch that failed the tests but scored above the average of the passing ones—and classified each one individually. For every case, an LLM analyst got access to: 

  • The candidate diff
  • The official fix
  • The task description
  • The rubric with its item-by-item verdicts
  • How the official fix scored on that same rubric
  • The test results 

Each case was labeled independently, with no analyst seeing another’s work. 

We had shaped the categories in an earlier manual pass over a dozen cases, and one rule stayed fixed throughout, because every disagreement has two suspects: either the tests were wrong about the patch, or our rubric was wrong to score it highly. 

To tell them apart, we use the official fix (where the solution is known to be correct) as a control, and score it on the same rubric. If the official fix scores well, the rubric recognizes correct work, and its verdict on the failing patch means something. If the official fix also scores poorly, the rubric is the broken instrument, and the case is charged to us. Without that rule, every disagreement could be conveniently blamed on the benchmark. One judgment per case means the exact percentages carry a few points of noise either way, but the shape of the distribution is stable.

What the rubric's disagreements with the test harness actually are: census of all 152 test-failing-but-high-scoring patches. The divergent-design cluster is the patch-side image of OpenAI's overly strict tests category.

The top two clusters are the most interesting to look at:

Near misses: right answer, zero credit (47%)

The near misses made up the larger cluster. These were patches that made real, substantial progress (correct root cause, correct fix) but then failed on something incidental, like a broken import. To the test harness, these are a flat zero, indistinguishable from an empty diff. Our judge scored them high, because most of the rubric was genuinely satisfied.

At first glance, that looks like leniency. It isn’t. It’s the difference between a graded instrument and a binary one. “Failed, but nearly shipped” and “failed, produced nothing” are different outcomes. A score that collapses them throws away exactly the information you need when comparing models on hard work, where even the best models fail often. This is the same property behind the strongest result in our previous post: the rubric score can recover a mode’s capability ranking from its failing patches alone.

Divergent designs: right solution, wrong shape (23%)

The divergent designs made up the second largest cluster, and the interesting one for this post. These were patches that were functionally valid solutions to the task but implemented differently than the official fix. The benchmark’s tests, written to validate one specific change, rejected them. Some of these “failed” patches score above the official fix on the same rubric.

Here, our judge and the harness weren’t disagreeing about quality. They were answering different questions. 

The rubric asks: Does this patch do what the task requires? 

The tests ask: Does this patch behave like the one specific patch we wrote tests for? 

When a task admits more than one valid design, those questions come apart.

We could see this pattern clearly because we had multiple alternative patches per task. Looking at a task description alone, an over-strict test is hard to spot. Looking at five different attempts, including good ones that fail, the pattern jumps out.

The rest: our misses and the messy middle

The remaining clusters are smaller. The regressions-only cases (7%) are patches that passed every test for the requested change, but broke pre-existing tests along the way. This is accomplished work with real collateral damage, and one can disagree over whether that counts as progress (you would not merge that patch). 

Two clusters are unambiguously ours: the mechanical breakages (12%) and the incomplete-or-stub cases (9%), which include broken imports, junk files, and placeholder logic presented as complete. Those are defects a careful reviewer reads right off the diff, and the judge credited them anyway. 

Finally, there are the rubric defects (1%): two cases where the checklist itself was bad, caught by the official-fix control described above. So, altogether roughly three-quarters of the disagreements are the graded score doing its job on work the binary label erases, while about a fifth are our judge's misses that we had to keep working on.

We logged all of this as a finding about our validation setup and moved on. Then OpenAI published their audit.

OpenAI found the same thing from the other side

OpenAI’s audit reports an estimated ~30% of SWE-Bench Pro tasks have quality issues, and the single most common failure mode is tests that are overly strict; they enforce implementation details the task never specified, so functionally correct submissions fail. Their diagnosis of the root cause matches what we saw from the patch side: benchmark tasks are harvested from real repository history, and the tests in a merged PR were written to validate that PR, not to define an implementation-agnostic standard of correctness.

Evidence of breaking issues in a significant portion of the dataset. Datapoint analysis pipeline flagged 200 (27.4%) broken tasks, while the human annotation campaign identified 249 (34.1%). Source: OpenAI

In other words: the divergent-design cluster we’d been staring at is their #1 failure category, seen from the opposite direction. They audited the tasks and predicted that valid alternative solutions would be rejected. We had the rejected valid solutions and worked back toward the tests.

What we’re not claiming

Two honesty notes, because this is where a post like this can overreach.

Our judge is not a benchmark auditor. It’s tempting to conclude that rubric/harness disagreement can be used as a broken-task detector—just flag every case where the two differ. We tested that idea, and it doesn’t work. Disagreement is spread too evenly to isolate broken tasks on its own, because the two instruments differ by design on every near miss, not just on broken tasks. A graded score disagrees with a binary one constantly, and most of that disagreement is the graded score doing its job.

Overlap is not reproduction. We looked at ~100 tasks through the lens of alternative patches; OpenAI audited the full benchmark with an investigator pipeline plus human annotation. The findings are aligned. The numbers are not comparable, and we’re not claiming ours confirms theirs.

What actually matters here

The deeper point in OpenAI’s post is structural: any benchmark built automatically from repository history inherits tests that were never meant to be a general standard of correctness. Their conclusion is that the industry needs evaluation approaches built deliberately for measuring AI coding work, with human oversight, rather than harvested from artifacts built for something else.

That’s the premise we started from. Real engineering work mostly can’t be scored by tests at all— whether the environments are gone or the coverage is thin—which is why we built a graded, execution-free score and then spent our effort proving it trustworthy rather than assuming the harness is. The lesson we took from this episode is about that proof: when your metric disagrees with the ground truth you’re validating against, the disagreements are not noise to minimize; they’re a sample worth reading one by one. Some of them will be your bugs, and some of them could be an issue of the supposed ground truth.

There’s a version of this that lands closer to home. SWE-Bench Pro is a curated benchmark: tasks were selected, tests were checked, thousands of researchers have run it—and it still carries an error rate near 30%. 

Now consider what happens when you evaluate AI agents on your own engineering backlog, which is what more and more teams are doing. 

Your ticket descriptions were written for a colleague who had context, not as complete specifications. 

Your tests were written to validate one specific change, not to define correctness. 

Nobody has audited any of it. 

An uncurated task set inherits every failure mode OpenAI documented, at a higher rate, with no annotation campaign to catch it. So when an agent “fails” 60% of your historical tickets, some real fraction of that number is your task set, not the agent—and a single binary verdict per task will never tell you which. 

The practical takeaways are the same ones we applied to ourselves: score work on a gradient so that near misses are visible, use more than one measure, and treat the disagreements as the reading list.

At Faros, this score is what powers Time Machine. We replay your engineering history to measure which models and harnesses handle your work best—on your repositories, your task mix, and your review standards, including all the work no test suite can reach. And because we read the disagreements instead of discarding them, the same replay tells you something about your task set itself: where your tickets under-specify, where your tests over-constrain. That turns a benchmark-quality problem into an engineering insight. Contact us for a demo.

Thierry Donneau-Golencer

Thierry Donneau-Golencer

Thierry is Head of Product at Faros, where he builds solutions to empower teams and drive engineering excellence. His previous roles include AI research (Stanford Research Institute), an AI startup (Tempo AI, acquired by Salesforce), and large-scale business AI (Salesforce Einstein AI).

AI Is Everywhere. Impact Isn’t.
75% of engineers use AI tools—yet most organizations see no measurable performance gains.

Read the report to uncover what’s holding teams back—and how to fix it fast.
Cover of Faros AI report titled "The AI Productivity Paradox" on AI coding assistants and developer productivity.
Discover the Engineering Productivity Handbook
How to build a high-impact program that drives real results.

What to measure and why it matters.

And the 5 critical practices that turn data into impact.
Cover of "The Engineering Productivity Handbook" featuring white arrows on a red background, symbolizing growth and improvement.
Graduation cap with a tassel over a dark gradient background.
AI ENGINEERING REPORT 2026
The Acceleration 
Whiplash
The definitive data on AI's engineering impact. What's working, what's breaking, and what leaders need to do next.
  • Engineering throughput is up
  • Bugs, incidents, and rework are rising faster
  • Two years of data from 22,000 developers across 4,000 teams
Solutions
8
MIN READ

AI model routing: How we score code without running tests

The AI code evaluation framework behind our open vs. frontier model test: rubric-based scoring, a blinded LLM judge, and validation on real SWE-bench data.

Blog
8
MIN READ

Best open-weight models for coding

Compare the best open-weight models for coding in 2026—GLM, DeepSeek, Qwen, Kimi and more—and learn when each one can cut your AI coding costs.

Blog
8
MIN READ

AI token cost management: Best practices for engineering teams

Learn five strategies to manage and reduce AI token costs in software development, from spend visibility to model routing to context engineering.