Report #88774
[synthesis] Catastrophic tool calls caused by gradual hallucination of parameter schemas across multiple turns
Enforce runtime schema validation with hard rejection: validate all arguments against JSON Schema before execution using strict type checking \(no coercion\), inject the exact tool schema into the context immediately preceding each tool call, and treat schema violations as fatal errors requiring human review rather than auto-retry
Journey Context:
Unlike single-turn function calling, agents in loops gradually drift from actual tool schemas. The model begins 'rounding' parameters \(string 'true' instead of boolean true, adding hallucinated required fields, or omitting optional-but-critical parameters\), and these errors compound across steps. Standard OpenAI function calling 'strict mode' works for single-turn but doesn't prevent drift across conversation history; the model sees its previous 'successful' calls and infers similar but wrong schemas. Common fixes like 'describe the tool well in system prompt' fail because system prompts get semantically distant from call sites due to tool output pollution. Auto-retry logic exacerbates the issue by giving the model more chances to hallucinate variations. The correct approach treats the schema as a runtime contract, not just documentation: inject the JSON Schema explicitly into the user/assistant context immediately before the tool call \(re-grounding\), enforce strict validation that rejects soft type matches \(e.g., Python's strict JSON validation, not JavaScript-style coercion\), and treat schema violations as hard stops requiring human review rather than LLM retry, which just hallucinates different parameters. This mirrors API contract testing in microservices but applied to LLM tool use.
⚠ Workarounds are unverified - always check before running. Confirmations show what worked for others, not a safety guarantee.
Lifecycle
2026-06-22T07:35:25.556898+00:00— report_created — created