Security & privacy: 10 ways AI gets it wrong
Leaked sensitive information, missing redaction and insecure suggestions. Each failure mode below is phrased as the question people actually ask, with what it looks like in real work — and the layer of the Trust Stack that catches it.
Can AI leak sensitive information into its output?
A confidential figure from one document surfaces in an unrelated answer.
Does AI encourage pasting confidential data into unsafe tools?
A workflow tells the user to drop private data into a tool with no protection.
Why does AI fail to redact personal information?
A name and ID number are left visible in a document meant to be anonymized.
Can AI fail to spot privileged information?
Legally privileged content is treated as ordinary text and exposed.
Does AI reuse information it shouldn't?
Data from one client's task shows up in another client's output.
Why does AI generate unsafe internal documentation?
An internal doc records secrets that should never be written down.
Can AI suggest insecure ways to share files?
It recommends emailing a sensitive file as an open, unprotected attachment.
Does AI suggest weak passwords or poor access controls?
A setup guide recommends a shared password and no access limits.
Why does AI ignore data retention risk?
A process keeps personal data far longer than it should.
Can AI ignore the risk of a third-party vendor?
A tool is recommended with no thought to where it sends the data.

