Should failed tool calls count as eval failures or security events?

A wrong final answer from an AI agent can be treated as an eval failure. But a wrong can be a different kind of problem. Examples include using the wrong tool, working in the wrong repo, reading an unrelated file, or writing before approval.

Even if the final answer looks fine, those actions may be closer to a security event. The practical question is where teams should record these failures when building apps with tools: eval logs, , security logs, or all three.

Key points

  • A bad final answer can be treated as an eval failure.
  • A wrong may be closer to a security event.
  • Risky actions include using the wrong repo, reading unrelated files, or writing before approval.
  • Teams may need to log these failures in eval logs, , and security logs.
  • failed can help reduce wasted tokens and agent running costs.
Read original