arXiv:2605.14968 GraphFlow: clinical pilot 97.08 % completion rate through formally verifiable visual workflows

Drewry H. Morris V, Luis Valles, and Reza Hosseini Ghomi of MedFlow Inc. published a paper on arXiv on May 15, 2026, presenting a concrete production solution to one of the most well-known problems in agentic AI systems — compounding error that accumulates exponentially across multi-step workflows.

What does the compounding error problem concretely mean?

The authors give a clear mathematical example: “a ten-step process with 90 % per-step reliability completes successfully only 35 % of the time.” The formula is straightforward — 0.9^10 = 34.87 %. The problem accumulates exponentially as the workflow grows:

• 5-step process: 0.9^5 = 59 % reliability
• 10-step process: 0.9^10 = 35 %
• 20-step process: 0.9^20 = 12 %

For mission-critical applications (medicine, finance, security) this is unacceptable. An individual LLM call with 90 % reliability is impressive on an isolated benchmark, but in a real workflow it is sufficient to break the system.

What does GraphFlow specifically verify?

GraphFlow treats workflow diagrams as executable specifications. The approach has several key elements:

• Compile-time verification of a restricted class of diagrams — a workflow must pass a proof check before it becomes runnable
• Proof-checked artifacts — each workflow submitted to the shared library must pass formal verification
• Explicit contracts — preconditions (what must be true before execution), postconditions (what must be true after), composition obligations (how the workflow embeds into larger systems)

The approach is inspired by formal methods from software engineering (TLA+, Coq proofs), applied to visual workflow representation rather than code specs.

How does visual workflow representation work?

Diagrams serve as the single authoritative definition covering:

• Data scope — what data the workflow processes
• Execution semantics — ordering, parallelism, error handling
• Monitoring — where observability checkpoints are located

Swimlanes make “trust boundaries explicit” — explicitly separating verified logic from external systems, human judgment, and AI decisions. The approach allows a reviewer to immediately see where formal verification guarantees end and where the system relies on external probabilistic factors.

What does the clinical pilot demonstrate?

A one-year clinical pilot across three sites executed 8,728 workflow runs with a 97.08 % completion rate. The figure is a dramatic improvement over the 35 % baseline — approximately 3× better success rate for the same type of long-horizon workflow.

Observed failures were “localized primarily to external integrations”, not in core workflow logic. This means that when GraphFlow fails, it fails at a predictable point — the boundary between the verified system and the external world. That is a radically better debugging proposition than a typical agentic system where failure can occur anywhere in the stack.

How does GraphFlow differ from a typical agent framework?

Classic agentic systems (LangChain, AutoGen, Anthropic Computer Use) plan at inference time — the agent dynamically decides the next step based on current context. The approach is flexible but “sensitive to prompt variation and difficult to audit.” A small change in the prompt can completely change behavior.

GraphFlow is the opposite: durable execution with append-only event logging and runtime contract enforcement. The workflow is fixed before execution; verification happens at compile time; the runtime only executes and checks that all contracts pass. The approach supports replay and audit trails that are critical for regulated applications.

What does this mean for enterprise agentic AI?

GraphFlow fills a gap that is dramatic for medical, financial, and legal use cases where compliance regimes require auditable, deterministic workflows. MedFlow Inc. positions itself as the vendor addressing that gap through a formal verification approach — radically different from the mainstream LangChain or CrewAI stack.

The approach complements recent safety/reliability papers: Microsoft Research AI Delegation Reliability (May 15, 19–34 % degradation), arXiv History Anchors (May 13, 91–98 % unsafe shift), arXiv Sycophantic Consensus (May 15, alignment). All share the same conclusion: current RLHF-based approaches are insufficient for mission-critical workloads. Formal verification is one of the few solutions that provides hard guarantees.