Recurring Operational Drifthighpending

Guardrail Friction

Support Agent

task-support-gf-002

confidence 85%

Observed in trace

Input

Customer requesting account status update. Agent preparing external reply.

Task

Provide customer with current account status and next steps via external reply.

Output

Account status communicated to customer. Reply sent after guardrail correction.

Audit agent judgment

Expected output

Provide customer with current account status and next steps via external reply.

Problem · Recurring Operational Drift

The same agent repeatedly shows service gaps, guardrail friction, or false-success behavior across completed traces.

Trace

Trace replay — what happened step by step (flagged steps = this finding's evidence)

01incoming task

Trace started from an incoming request

Customer requesting account status update. Agent preparing external reply.

Inspect payload

Incoming task payload

Customer requesting account status update. Agent preparing external reply.

02assigned work

Agent interpreted the company task

Provide customer with current account status and next steps via external reply.

Inspect payload

Company task

Provide customer with current account status and next steps via external reply.

Declared goal

Provide customer with current account status and next steps via external reply.

03tool resultsuccess

account-lookup

Account status retrieved. Account is active with one pending action.

Inspect payload

Tool input

Not captured in this trace.

Tool output

Account status retrieved. Account is active with one pending action.

04guardrailevidence

privacy-boundary

customer-identifier-in-external-reply

1 events

guardrail_events contains type 'privacy-boundary' with reason 'customer-identifier-in-external-reply'.

Inspect payload

Guardrail payload

{
  "type": "privacy-boundary",
  "reason": "customer-identifier-in-external-reply",
  "count": 1
}

05agent actionexternal

send-reply-to-customer

customer-reply-channel

not reversible

Inspect payload

Action payload

{
  "type": "send-reply-to-customer",
  "target": "customer-reply-channel",
  "visibility": "external",
  "reversible": false
}

06memory writelow

interaction-log

Customer interaction logged. Guardrail blocked attempt to include identifier in external reply.

Inspect payload

Memory write payload

{
  "store": "interaction-log",
  "content_summary": "Customer interaction logged. Guardrail blocked attempt to include identifier in external reply.",
  "sensitive_entity_types": [],
  "retention_risk": "low"
}

07final responseresolved

Agent completed the interaction

Account status communicated to customer. Reply sent after guardrail correction.

Inspect payload

Agent response

Account status communicated to customer. Reply sent after guardrail correction.

Recorded decision payload

{
  "task_id": "task-support-gf-002",
  "declared_goal": "Provide customer with current account status and next steps via external reply.",
  "status": "resolved",
  "confidence": 0.78
}

Recorded reasoning

Not captured in this trace. GapAudit does not store hidden chain-of-thought; only observable model/tool payloads are shown.

Why this is a service problem

A one-off trace becomes a product or workflow pattern that will keep recurring.

Evidence trail

guardrail_events contains type 'privacy-boundary' with reason 'customer-identifier-in-external-reply'.
aggregate_guardrail_events returned repeated blocks of type 'privacy-boundary' for agent-support-01.
Restricted action 'include-customer-identifier-in-external-reply' was repeatedly attempted across multiple tasks.
Pattern indicates persistent non-compliant behavior rather than an isolated incident.

Recommended fix

Review agent prompt and output pipeline to prevent customer identifiers from appearing in external reply construction. Add pre-send validation to block identifier inclusion. Escalate recurring pattern to compliance review.

Pattern

Guardrail Friction in customer inquiry

6 related findings

Review action