SciTrace: Trajectory-Aware Safety Reasoning for Scientific Discovery Agents

Researchers introduce SciTrace, a framework that integrates safety reasoning throughout LLM-based scientific agent pipelines rather than as a post-hoc filter. The system detects compositional risks from multi-step tool sequences that single-stage monitors miss, achieving state-of-the-art safety across six scientific domains while maintaining output quality.

SciTrace addresses a critical vulnerability in autonomous scientific agents: the structural separation of safety mechanisms from reasoning processes. Traditional approaches inspect outputs after they're generated, missing both cumulative risk signals and emergent dangers from chained tool calls. This represents a meaningful gap in AI safety architecture as scientific agents increasingly handle high-stakes research tasks.

The framework's dual-mechanism approach—Safety-Intrinsic Reasoning Loop and Compositional Tool-Chain Verifier—fundamentally restructures how safety integrates with agent cognition. By maintaining cumulative risk states across reasoning stages and performing trajectory-aware verification before execution, SciTrace catches failure modes invisible to conventional single-step filters. The 78.8% detection rate for compositional tool-chain risks demonstrates these hidden vulnerabilities are substantial and practically important.

For the AI research community, this work signals growing maturity in safety-aware agent design. It moves beyond bolting security onto existing systems toward architecturally sound integration. The evaluation across 240 high-risk tasks and six domains with preservation of scientific output quality suggests the approach scales without degrading utility—a critical requirement for adoption.

The implications extend beyond academic interest. As autonomous scientific agents transition from research prototypes to deployed systems handling real experiments, safety mechanisms must operate at reasoning time rather than enforcement time. SciTrace's open-source availability and documented improvements across multiple backbone models position it as a reference implementation for safety-conscious agent development, likely influencing how production systems handle safety in multi-stage reasoning pipelines.

• →SciTrace integrates safety reasoning throughout agent pipelines rather than applying it post-hoc, addressing structural vulnerabilities in current approaches.
• →The framework detects 78.8% of compositional tool-chain risks that single-step safety monitors completely miss.
• →Testing across 240 high-risk research tasks and six scientific domains demonstrates state-of-the-art safety while preserving scientific output quality.
• →Cumulative risk tracking across Thinker, Experimenter, Writer, and Reviewer stages prevents loss of safety signals between pipeline stages.
• →The open-source implementation provides a reference model for integrating safety into autonomous agent architectures at design time.