The Query Was Still A Lie: The tool call told the truth. This continues our research on why relevance alone is not enough for agent memory safety.
We found that a query can be vague. It can say "take care of the partner setup" while the actual tool call sends a secret to an external partner.
To fix this, we need to authorize the concrete tool call, not the sentence describing it. We tested a tool-call authorization gate. The gate reads the proposed operation and checks it against an external grant table.
Here are the results:
- Self-description gate: 1/7 correct, 6 false-certainty errors
- Query-context gate: 3/7 correct, 2 false-certainty errors
- Tool-call grant gate: 7/7 correct, 0 false-certainty errors
The tool-call gate caught every case. This is the important boundary: not because 7/7 proves the architecture is complete, but because the failures it caught were visible in the tool call and grant table.
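As an added example (not code from the post or the linked article), here is a minimal grant-table gate in the shape described above: it authorizes the concrete tool call (tool, target, data classes) and never reads the sentence that produced it. The grant table, the tool and target names, and the keyword-based query-context gate used for contrast are constructed assumptions, not the article's implementation.

```python
from dataclasses import dataclass

# A concrete tool call as the agent proposes to execute it (constructed shape).
@dataclass(frozen=True)
class ToolCall:
    tool: str                 # e.g. "send_email"
    target: str               # destination the call actually reaches
    data_classes: frozenset   # labels on the data the call would carry
    query: str = ""           # the natural-language request behind the call

# External grant table (constructed): which tool may carry which data classes
# to which target. Anything not listed is denied, so a vague request cannot
# widen the grant; only the operation itself is judged.
GRANT_TABLE = {
    ("send_email", "partner.example"): frozenset({"public", "internal"}),
    ("send_email", "corp.example"):    frozenset({"public", "internal", "secret"}),
    ("read_secret", "vault.local"):    frozenset({"secret"}),
}

def tool_call_gate(call: ToolCall) -> tuple:
    """Authorize the concrete operation; the query text is ignored on purpose."""
    allowed = GRANT_TABLE.get((call.tool, call.target))
    if allowed is None:
        return False, f"no grant for {call.tool} -> {call.target}"
    leaked = call.data_classes - allowed
    if leaked:
        return False, f"{call.tool} -> {call.target} not granted for {sorted(leaked)}"
    return True, "granted"

def query_context_gate(call: ToolCall, routine=("setup", "summary")) -> tuple:
    """Simplified stand-in for a query-context gate: it judges the sentence,
    so a routine-sounding request passes regardless of what the call does."""
    if any(word in call.query.lower() for word in routine):
        return True, "query reads as routine"
    return False, "query looks unusual"

# Constructed case from the post: vague query, leaky call.
VAGUE_BUT_LEAKY = ToolCall(
    tool="send_email", target="partner.example",
    data_classes=frozenset({"internal", "secret"}),
    query="take care of the partner setup")

if __name__ == "__main__":
    print("query-context gate:", query_context_gate(VAGUE_BUT_LEAKY))  # passes
    print("tool-call gate:    ", tool_call_gate(VAGUE_BUT_LEAKY))      # denies
```

The same query gets opposite verdicts: the query gate sees only "partner setup", while the tool-call gate sees "secret" leaving for a target granted only "public" and "internal".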
Source: https://dev.to/zep1997/the-query-was-still-a-lie-the-tool-call-told-the-truth-ahb
Optional learning community: https://t.me/GyaanSetuAi