Skip to content
The AI risk library

250 ways AI gets it wrong

The danger isn’t that AI is useless — it’s that it’s often useful enough to be trusted before it’s reliable enough to be trusted. Here is the catalogue of failure modes, and the trust-stack layer that catches each one.

250 failure modes15 categories5 Trust-Stack layers
Agreement alone is not proof

Accuracy & truth

20 risks

Hallucinated facts, invented statistics and stale information stated as current.

  • Hallucinated facts
  • Made-up statistics
  • Invented legal rules
View all 20 risks

Sources & citations

20 risks

Fabricated citations, broken links and sources that don't support the claim.

  • Sources that don't support the claim
  • Irrelevant sources
  • Outdated sources
View all 20 risks

Research & analysis

20 risks

Shallow research presented as deep, cherry-picked evidence and missed changes.

  • Shallow research presented as deep
  • Stopped searching too early
  • Searched the wrong terms
View all 20 risks

Business & strategy

20 risks

Generic strategies, ignored constraints and plans too vague to execute.

  • Generic strategies
  • Consultant-speak with no practical value
  • Smart-sounding tactics that don't work
View all 20 risks

Writing & communication

20 risks

Artificial tone, cliché endings and your strongest point rewritten away.

  • Artificial tone
  • Cringe or over-polished language
  • LinkedIn-cliché tone
View all 20 risks

Legal & compliance

20 risks

Missed obligations, confused legal systems and guarantees that don't exist.

  • Legal-sounding advice without qualification
  • Missed licensing requirements
  • Missed disclosure requirements
View all 20 risks

Data & calculation

20 risks

Arithmetic errors, confused figures and false precision in the numbers.

  • Arithmetic errors
  • Wrong formula
  • Misread tables
View all 20 risks

Technical & coding

10 risks

Code that doesn't run, hardcoded secrets and missed vulnerabilities.

  • Code that doesn't run
  • Code that runs but does the wrong thing
  • Outdated libraries
View all 10 risks

Workflow & productivity

20 risks

Forgotten constraints, self-contradiction and 'almost right' deliverables.

  • Answered instead of asking for missing input
  • Asked unnecessary questions
  • Overcomplicated simple tasks
View all 20 risks

Security & privacy

10 risks

Leaked sensitive information, missing redaction and insecure suggestions.

  • Leaked sensitive information into outputs
  • Encouraged pasting confidential data into unsafe tools
  • Failed to redact personal information
View all 10 risks

Decision-making

15 risks

Weak recommendations made to sound decisive, with hidden risks unexamined.

  • Made weak recommendations sound decisive
  • Recommended action without ranking options
  • Failed to identify the safest option
View all 15 risks

Design, brand & UX

15 risks

Generic layouts, ignored accessibility and premium confused with decorative.

  • Generic designs
  • Copied design trends without judgment
  • Attractive but impractical layouts
View all 15 risks

Human judgment

10 risks

Flattery instead of challenge, and opinions withheld when one was needed.

  • Flattered the user instead of challenging weak thinking
  • Agreed too easily
  • Pushed back too aggressively
View all 10 risks

Output quality

15 risks

Low-substance answers, filler and meaning changed during rewriting.

  • Long answers with low substance
  • Short answers that skip essential detail
  • Repetition
View all 15 risks

Automation & agents

15 risks

Wrong steps, false success messages and single errors repeated at scale.

  • Executed the wrong step
  • Used the wrong tool
  • Called tools unnecessarily
View all 15 risks

One model can’t reliably catch its own mistakes. A council of independent minds can.

Run your work through the council

See also: the Trust Stack