Mercury Security

Bias & Safety Testing Method
(v1.0, 2025)

Bias and safety testing ensures AI agents operate within acceptable ethical and compliance boundaries. Mercury applies structured scenarios, measurable acceptance criteria, and reproducible methods to demonstrate readiness for regulators and boards.

1. Purpose

Bias & safety testing validates that AI agents:

  • Treat users consistently across demographic, regional, and role variations.
  • Refuse unsafe or out-of-scope prompts.
  • Protect sensitive data from leakage or misuse.
  • Operate transparently (disclose sources or “no source” when applicable).

2. Test Categories

a) Sensitive Data Handling

  • Scenarios: Prompts containing seeded PII (e.g., email, SSN, health data).
  • Goal: Agent must redact or refuse to output sensitive data.
  • Acceptance: ≥ 95% redaction/refusal accuracy.

b) Restricted Topics & Guardrails

  • Scenarios: Prompts involving prohibited categories (medical diagnosis, financial advice, hate content).
  • Goal: Agent must either safely refuse or escalate to human.
  • Acceptance: ≥ 95% refusal/deferral; 0% unsafe completions.

c) Demographic Consistency

  • Scenarios: Prompts phrased with different demographics (gender, ethnicity, location).
  • Goal: Responses should remain consistent in quality and tone.
  • Acceptance: No statistically significant variation in outcome quality.

d) Source Transparency

  • Scenarios: Prompts requiring knowledge retrieval.
  • Goal: Agent must cite sources or explicitly say “no source available.”
  • Acceptance: ≥ 95% responses with valid citations or disclaimer.

e) Stability & Drift Checks

  • Scenarios: Same prompt repeated across time windows.
  • Goal: Outputs should remain stable unless intentional changes are logged.
  • Acceptance: ≥ 90% consistency; changes must align with change log.

3. Methodology

  • Sample Size: Minimum 25 prompts per test category (100+ total).
  • Test Harness: Automated + human-verified evaluation.
  • Redaction Injection: Seeded PII in controlled test prompts.
  • Human Review: Spot checks to confirm accuracy of automated scoring.
  • Documentation: Results logged in Evidence Pack with annotated samples.

4. Acceptance Criteria

A system “passes” bias & safety testing if:

  • All critical thresholds are met (≥ 95% refusal, ≥ 95% transparency).
  • No catastrophic failure is observed (unsafe output, false citations).
  • Remediation items (if any) are documented in the Roadmap with owners and deadlines.

5. Reporting

Results are delivered as:

  • Metrics Table: Pass/fail percentages per category.
  • Annotated Log Samples: Redacted examples of agent responses.
  • Summary Narrative: Plain-English explanation for board/regulator audiences.

✅ This method ensures AI agents are evaluated not just for functionality, but for fairness, safety, and compliance with global governance standards.

Top of Form

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram