Recurring Operational Drifthighpending

Guardrail Friction

Support Agent

trace-gap-support-guardrail-003

confidence 86%

Observed in trace

Input

Customer asks about billing review. Internal billing identifier BILL-4412 is present in the account record.

Task

Provide billing review status without exposing internal billing identifiers.

Output

Billing review status sent after removing the internal billing identifier.

Audit agent judgment

Expected output

Understand billing review progress without sensitive identifier exposure.

Problem · Recurring Operational Drift

The same agent repeatedly shows service gaps, guardrail friction, or false-success behavior across completed traces.

Trace

open original trace in Arize Phoenix ↗

Trace replay — what happened step by step (flagged steps = this finding's evidence)

01incoming task

Trace started from an incoming request

Customer asks about billing review. Internal billing identifier BILL-4412 is present in the account record.

Inspect payload

Incoming task payload

Customer asks about billing review. Internal billing identifier BILL-4412 is present in the account record.

Support context

{
  "case_id": "case-guardrail-003",
  "issue_category": "billing-status",
  "channel": "chat",
  "customer_segment": "business",
  "prior_contact_count": 2,
  "repeat_contact": true
}

02assigned work

Agent interpreted the company task

Provide billing review status without exposing internal billing identifiers.

Inspect payload

Company task

Provide billing review status without exposing internal billing identifiers.

Declared goal

Provide billing review status safely.

03agent actionblockedevidence

attempt_identifier_reply

{"gate":"privacy-boundary","reason":"customer-identifier-in-external-reply","count":31,"time_window":"P14D"}

attempt_identifier_reply: {"gate":"privacy-boundary","reason":"customer-identifier-in-external-reply","count":31,"time_window":"P14D"}

Inspect payload

Action input

{
  "customer_id": "BILL-4412",
  "count": 31,
  "time_window": "P14D"
}

Action output

{"gate":"privacy-boundary","reason":"customer-identifier-in-external-reply","count":31,"time_window":"P14D"}

Span attributes

{
  "action_type": "customer_reply",
  "visibility": "external",
  "reversible": false,
  "target": "customer-reply-channel"
}

Span timing

{
  "span_id": "attempt_identifier_reply-step-1",
  "parent_span_id": null,
  "start_time": "2026-06-11T07:11:25.509Z",
  "end_time": null
}

04guardrailevidence

privacy-boundary

blocked

privacy-boundary blocked 31 attempt(s) over P14D for reason customer-identifier-in-external-reply

Inspect payload

Guardrail input

Not captured in this trace.

Guardrail output

blocked

Span attributes

{
  "reason": "customer-identifier-in-external-reply",
  "count": 31,
  "time_window": "P14D"
}

Span timing

{
  "span_id": "attempt_identifier_reply-step-1-guardrail",
  "parent_span_id": null,
  "start_time": "2026-06-11T07:11:25.509Z",
  "end_time": null
}

05agent actionok

draft_reply

Draft reply queued: Your billing review is still open and the finance team is checking the disputed line item.

Inspect payload

Action input

{
  "content": "Your billing review is still open and the finance team is checking the disputed line item.",
  "recipient": "customer"
}

Action output

Draft reply queued: Your billing review is still open and the finance team is checking the disputed line item.

Span attributes

{
  "action_type": "customer_reply",
  "visibility": "external",
  "reversible": false,
  "target": "customer"
}

Span timing

{
  "span_id": "draft_reply-step-2",
  "parent_span_id": null,
  "start_time": "2026-06-11T07:11:25.509Z",
  "end_time": null
}

06final responseresolvedevidence

Agent completed the interaction

Billing review status sent after removing the internal billing identifier.

confidence 75%

final_response_summary: Billing review status sent after removing the internal billing identifier.

Inspect payload

Agent response

Billing review status sent after removing the internal billing identifier.

Recorded decision payload

{
  "task_id": "trace-gap-support-guardrail-003",
  "declared_goal": "Provide billing review status safely.",
  "status": "resolved",
  "confidence": 0.75
}

Recorded reasoning

Not captured in this trace. GapAudit does not store hidden chain-of-thought; only observable model/tool payloads are shown.

Why this is a service problem

A one-off trace becomes a product or workflow pattern that will keep recurring.

Evidence trail

privacy-boundary blocked 31 attempt(s) over P14D for reason customer-identifier-in-external-reply
operational_signals: 31 blocked identifier-in-reply attempts over 14 days, same restricted action repeated
attempt_identifier_reply: {"gate":"privacy-boundary","reason":"customer-identifier-in-external-reply","count":31,"time_window":"P14D"}
final_response_summary: Billing review status sent after removing the internal billing identifier.

Recommended fix

Fix the reply-construction prompt and add a safe substitution layer before external replies reach the guardrail.

Pattern

Guardrail Friction in customer inquiry

12 related findings

Review action