AI Agent Retries Can Silently Double-Charge Customers Even When All Evals Pass
When an AI agent's tool call times out at the network layer but succeeds on the server, the orchestrating harness may retry the action, causing side effects like payments or emails to execute twice. This bug is invisible to standard model evaluations because the fault lies in the infrastructure — HTTP clients, queues, or pod restarts — not in the model's reasoning. The recommended fix is to have the harness, not the model, generate idempotency keys derived from the original intent, ensuring repeated attempts cannot trigger duplicate effects. Developers are advised to treat side-effect safety as a Tier 1 evaluation concern, verified against external systems like Stripe records or ticket counts rather than model output alone. Without execution traces that capture what an agent actually did, this class of production incident remains effectively undetectable until a customer is already overcharged.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in