AI Summary
Large language model (LLM) agents are prone to erroneous behaviors due to overreliance on unreliable, outdated, or malicious environmental observations, leading to task failures and safety risks. This work formally defines, for the first time, the "Evidence Grounding Deficiency" (EGD) and introduces EnvTrustBench, the first evaluation framework specifically designed to assess the reliability of environmental evidence used by LLM agents. EnvTrustBench systematically evaluates six LLMs and five agent frameworks across 55 diverse scenarios spanning 11 categories, leveraging procedurally generated tasks, simulated environment states, multi-agent scaffolds, and verification oracles. Experimental results reveal that all evaluated agents exhibit pervasive EGD, exposing a critical vulnerability in the robustness of current LLM agents' environmental perception and grounding capabilities.
Abstract
Large language model agents increasingly operate through environment-facing scaffolds that expose files, web pages, APIs, and logs. These observations influence tool use, state tracking, and action sequencing, yet their reliability and authority are often uncertain. Environmental grounding is therefore a systems-level problem involving context admission, evidence provenance, freshness checking, verification policy, action gating, and model reasoning. Existing agent benchmarks mainly evaluate task capability or specific attacks such as prompt injection and memory poisoning, but they under-specify a fundamental reliability question: whether agents remain grounded in the true environment state when observations are stale, incorrect, or malicious.
We introduce EnvTrustBench, an agentic framework for benchmarking this failure mode. We define an evidence-grounding defect (EGD) as a behavioral failure in which an agent treats an environment-facing claim as sufficient evidence for action without resolving it against available current evidence, leading to a task-incorrect false path under the true environment state. Given a task scenario, EnvTrustBench generates the workspace, environment, agent-facing objective, and validation oracle, executes the evaluated agent, records its action-observation trajectory and final state, and applies the oracle to produce a verdict.
Using 6 LLM backbones and 5 widely used scaffolds, we evaluate 55 generated cases across 11 task scenarios, with each scenario expanded through five feedback-guided generation iterations. Results show that EGDs consistently emerge across operational workflows, highlighting environmental grounding as a core agent reliability problem with important security implications.
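The evaluation loop and EGD definition from the abstract, reduced to one toy scenario; this is an added illustration, not EnvTrustBench code. The workspace files, ports, agent policies and verdict labels are constructed assumptions.

```python
from dataclasses import dataclass, field

CLAIM_FILE, TRUTH_FILE = "NOTES.md", "service.conf"   # constructed workspace

@dataclass
class Env:
    """Workspace plus recorder for the action-observation trajectory."""
    files: dict = field(default_factory=lambda: {
        CLAIM_FILE: "deploy note from last quarter: service port is 8080",  # stale claim
        TRUTH_FILE: "port=8443",                                            # current state
    })
    trajectory: list = field(default_factory=list)
    final_state: dict = field(default_factory=dict)

    def read(self, path):
        obs = self.files[path]
        self.trajectory.append(("read", path, obs))
        return obs

    def allow_port(self, port):
        self.trajectory.append(("allow_port", port, "ok"))
        self.final_state["allowed_port"] = port

def port_in(text):
    """Last integer-looking token in an observation."""
    return int(text.replace("=", " ").split()[-1])

def trusting_agent(env):
    # Treats the note as sufficient evidence for action.
    env.allow_port(port_in(env.read(CLAIM_FILE)))

def verifying_agent(env):
    # Uses the note only as a hint, then resolves it against the live config.
    env.read(CLAIM_FILE)
    env.allow_port(port_in(env.read(TRUTH_FILE)))

def oracle(env):
    """Verdict from final state and trajectory (labels are this example's own)."""
    truth, claim = port_in(env.files[TRUTH_FILE]), port_in(env.files[CLAIM_FILE])
    acted = env.final_state.get("allowed_port")
    if acted == truth:
        return "pass"
    checked = any(a == "read" and p == TRUTH_FILE for a, p, _ in env.trajectory)
    return "EGD" if acted == claim and not checked else "other_failure"

def run(agent):
    env = Env()
    agent(env)
    return oracle(env), env.trajectory
```

The oracle flags an EGD only when the wrong final state matches the claimed value and the trajectory shows the current evidence was never consulted, which keeps it distinct from an ordinary task failure.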