confidence field with one of three
values:
| Value | What it means |
|---|---|
high | Tumban has strong, corroborated evidence backing the recommendation. Act on it without further qualification. |
medium | Tumban has solid signal but less corroboration. Useful, but a manual reviewer may want to spot-check on edge cases. |
low | Tumban surfaced something worth looking at, but the signal is thin or borderline. Treat as a review-worthy lead, not a verdict. |
no_flags recommendation does not guarantee high confidence.
A profile that is clear except for a single thin signal can come back
no_flags with medium or low confidence, and a scan that hit an
infrastructure fallback (see ANALYSIS_ERROR,
a neutral score) can return no_flags at low confidence. Only a
profile with no signal at all is guaranteed high. Read confidence
directly — never infer it from the recommendation tier.
When to use it
Useconfidence to weight review priority within a recommendation
tier. A review_high with confidence: "high" is worth processing
before a review_high with confidence: "low". Within a queue sorted
by risk_score, breaking ties on confidence is a reasonable second
key.
How Tumban arrives at each level is not part of the public contract —
the exact triggers may change as detection is tuned. Treat confidence
as an interpretation of the same evidence summarised by reason_codes
and evidence_index, not as an independent signal.