Public archive of LLM and AI agent failure cases. Backend for shadow-llm.com.
This repo is content, not code. Every issue in this repo is one failure case.
Comments on the issue are the discussion thread. 👍 reactions are upvotes.
The site at shadow-llm.com renders them with a custom front-end.
To submit a case:
- Read the disclosure policy — please do not file undisclosed 0-days.
- Open a new issue and fill in the structured form.
- Your case appears on shadow-llm.com after the next site rebuild (auto-triggered, ~1 min).

What makes a good case:
- Specific: a single failure mode, not a survey
- Reproducible: someone else can re-run it (or you say so honestly)
- Cited threat model: who is the realistic attacker / affected party?
- Sanitized: no PII, no operational uplift beyond what's needed to demonstrate

Cases cover hallucination, jailbreak, prompt-injection, agent-loop, tool-misuse,
over-refusal, sycophancy, alignment, destructive-action, multimodal,
and the long tail of weird behavior that doesn't have a name yet.

Out of scope: attack tutorials with no defensive value, zero-days before responsible disclosure, and content targeting individuals. See DISCLOSURE.md.

Case content (issue bodies, comments) is contributed under CC-BY-4.0 unless the author specifies otherwise. By submitting you grant a license to redistribute with attribution.
- Front-end: Shadow-LLM/shadow-llm-web (private)
- Org: github.com/Shadow-LLM
- Site: https://shadow-llm.com
Shadow-LLM-Guardians — watchful protectors in the age of AI.