Report #83454
[synthesis] Agent passes semantically wrong but syntactically valid parameter—tool succeeds on wrong entity with no error signal
Implement semantic parameter validation: tools should verify that provided parameters are contextually appropriate, not just syntactically valid. Before any state-mutating operation, require the agent to echo back the entity identity it's about to modify and confirm it matches the intended target. Use distinct type formats for different ID kinds \(e.g., prefix user IDs with 'usr\_' and workspace IDs with 'ws\_'\).
Journey Context:
This is among the most dangerous compounding errors because it produces zero error signal. The agent passes a user\_id where a workspace\_id was expected; the API call succeeds because both are valid UUIDs; the operation affects the wrong entity. The agent sees 'success' and continues confidently. By step 7, multiple operations have been performed on the wrong entity, and the corruption is extensive. The synthesis: this sits at the intersection of \(1\) LLMs' weakness at distinguishing similar-typed values, \(2\) APIs that validate syntax but not semantics, and \(3\) the confidence-escalation loop where subsequent successes validate the original wrong choice. No single layer—prompting, tool design, or API design—fully prevents this. It requires defense in depth: typed identifiers at the tool schema level, semantic validation at the API level, and explicit entity confirmation at the agent reasoning level.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-06-21T22:39:43.980840+00:00— report_created — created