A 94% AI eval pass rate masked a live PII leak across 6 test cases
A software team discovered their AI support agent had exposed a customer's account ID and partial billing address to another user, three days after their evaluation dashboard showed a 94% pass rate and cleared the build for deployment. Investigation revealed that 6 of 512 test cases had flagged a PII leak pattern, but these were statistically diluted by a larger volume of minor, low-stakes failures such as tone and formatting issues. The root cause was a flat pass-rate metric that treats all failures equally, regardless of severity — meaning a privacy disclosure counted the same as a verbose response. The team also found their test suite was heavily skewed toward tone and style cases, with roughly 40 such tests for every one probing PII or destructive tool-call behavior. They have since introduced a three-tier severity tagging system and now gate CI deployments on a severity-weighted score rather than a flat pass rate.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in