Reporter Name: Imran Meliala
Product: Gemini API / Chat
Version / Model: gemini-2.5-flash
Platform / Environment: Web / Mobile / API (specify as applicable)
====================================================
Vulnerability Mapping
OWASP LLM Top 10:
LLM01 – Hallucinations / Confabulations
LLM06 – Overreliance / Misleading Outputs
Optional secondary: LLM09 – Supply Chain / Control-Plane Fragility
MITRE / AI Adversarial TTP Analog:
TA0003 – Manipulation of Model Behavior (analogous to misleading outputs or trust exploitation)
T1598 – Data Manipulation / System Confabulation (analogous mapping for model explanations causing DX risk)
Classification:
System Explanation Integrity Bug / Confabulation Risk
==================================================
Steps to Reproduce:
Start a chat session using gemini-2.5-flash.
Verify the model responds correctly initially.
Continue the session until the API returns ModelNotFound / InvalidArgument for the same model.
Ask the model why it failed.
Observe that the model provides fabricated internal explanations, including claims about fallback to default models and framework version changes.
Observed Behavior:
The model fabricates internal platform reasoning and presents it as fact.
Claims include earlier tolerant framework versions, automatic fallback, and recent changes causing errors.
These explanations are not verifiable and may mislead developers about system behavior.
Expected Behavior:
The model should explicitly state uncertainty about system-level behavior.
Avoid inventing details about deployment, fallback mechanisms, or platform changes.
Example safe response:
“I do not have access to internal deployment or fallback behavior and cannot confirm why this happened.”
Impact / Reason for Feedback:
Misleads developers about model lifecycle and system behavior.
Can cause incorrect assumptions in debugging or production use.
Reduces trust in Gemini API explanations and AI reliability.
While not a security issue, this is a system explanation integrity bug that affects DX and developer confidence.
Suggested Improvement:
Provide a safe explanation template when internal platform information is unavailable.
Clearly distinguish verified facts vs uncertain statements.
Include developer guidance on fallback and version behavior in official documentation.
Optionally log these confabulation events for internal review to improve model reliability.
Additional Notes / Context:
This occurs mid-session after initial successful responses.
The model previously appeared to work but later denied the same model name.
The issue is reproducible and affects developer trust in model explanations.