对LangChain代理进行测试时发现其在对抗性输入上的失败率高达95%。

I recently ran a detailed chaos engineering test on a standard LangChain agent using my open-source testing tool, Flakestorm [1]. The results were stark and highlight what I believe is a critical blind spot in how we test AI agents before deployment.<p>The Method: I used adversarial mutations (22+ types like prompt injection, encoding attacks, context manipulation) to simulate real-world hostile inputs, checking for failures in latency, safety, and correctness.<p>The Result: The agent scored a 5.2% robustness score. 57 out of 60 adversarial tests failed. Key failures:<p>Encoding Attacks: 0% pass rate. The agent would decode malicious Base64 inputs instead of rejecting them—a major security oversight.<p>Prompt Injection: 0% pass rate. Basic &quot;ignore previous instructions&quot; attacks succeeded every time.<p>Severe Performance Degradation: Latency spiked to ~30 seconds under stress, far exceeding reasonable timeouts.<p>This isn&#x27;t about one bad agent. It&#x27;s a pattern suggesting our default &quot;happy path&quot; testing is insufficient. Agents that seem fine in demos can be fragile and insecure under real-world conditions.<p>I&#x27;m sharing this to start a discussion:<p>Are we underestimating the adversarial robustness needed for production AI agents?<p>What testing strategies beyond static evals are proving effective?<p>Is chaos engineering or adversarial testing a necessary new layer in the LLM dev stack?<p>[1] Flakestorm GitHub (the tool used for testing): https:&#x2F;&#x2F;github.com&#x2F;flakestorm&#x2F;flakestorm