AI QA Glossary
This glossary explains the core terms teams use when testing AI systems before and after launch. It focuses on production QA: reliability, red-team safety, bias testing, simulated users, flow health, and evidence.
AI QA
AI QA is the process of testing whether an AI system works reliably, behaves safely, treats users fairly, and remains healthy over time. Unlike traditional software QA, AI QA has to evaluate natural-language behavior, multi-step conversations, tool calls, policy boundaries, and probabilistic responses.
QualiLoop handles AI QA by generating reliability tests, red-team tests, and bias tests, then running them with simulated users and monitoring the resulting flows. See the QualiLoop workflow.
AI reliability testing
AI reliability testing checks whether an AI system does the job it was built for. Common checks include workflow completion, policy adherence, correct tool use, missing information handling, response quality, and regression behavior after changes.
Reliability testing answers the question: does it work? Learn more on the AI reliability testing page.
AI red-team testing
AI red-team testing uses adversarial scenarios to find unsafe behavior before users or attackers do. It covers jailbreaks, prompt injection, social engineering, data extraction, unsafe tool use, and attempts to bypass policies or guardrails.
Red-team testing answers the question: is it safe? Learn more on the AI red-team testing page.
AI bias testing
AI bias testing checks whether equivalent users receive equivalent treatment. It uses paired scenarios where the task stays the same while a protected or sensitive attribute changes, then compares outcome, refusal behavior, tone, and response quality.
Bias testing answers the question: is it compliant and fair? Learn more on the AI bias testing page.
AI evaluation
AI evaluation is the broader practice of measuring AI system behavior against expected outcomes, policies, rubrics, or checks. Evaluations can be useful, but production AI systems often need more than one-off scores: they need repeatable tests, transcripts, checks, and flow health over time.
LLM testing
LLM testing evaluates applications built with large language models. It can include factuality, response quality, refusal behavior, safety boundaries, tool use, cost, latency, and behavior across multi-step conversations.
Agent testing
Agent testing focuses on AI systems that can plan, call tools, use APIs, retrieve data, or execute workflows. These systems need tests for both conversation quality and action correctness, because a good-sounding answer can still trigger the wrong tool or skip a required step.
Simulated users
Simulated users are synthetic users that interact with an AI system during tests. They can run one-message checks or adaptive multi-step conversations that behave like real users: confused, impatient, adversarial, incomplete, or following a scripted workflow.
Simulated users are useful because many AI failures only appear after follow-up, clarification, pressure, or tool execution.
Test scenarios
A test scenario describes the user situation being tested. For example: a user asks for a refund outside policy, tries to inject malicious instructions through retrieved content, or asks equivalent eligibility questions with different demographic signals.
Good AI test scenarios are specific enough to reproduce and broad enough to represent a real production risk.
Synthetic conversations
Synthetic conversations are generated test conversations used to exercise realistic user behavior without waiting for live user traffic. They are useful for testing edge cases, adversarial pressure, missing information, policy boundaries, and workflows that are rare but important.
Checks
A check defines what passing means for a test. Checks can evaluate whether the response followed policy, completed the workflow, avoided hallucinated data, refused unsafe requests, treated users consistently, or escalated correctly.
In QualiLoop, generated tests are paired with plain-English checks so teams can inspect why a conversation passed or failed.
Flow health
Flow health is a monitorable signal for a group of related tests. A flow can represent a product area, workflow, policy boundary, attack surface, or compliance requirement.
Flow health helps teams see whether critical behavior remains stable across prompt, model, policy, or tool changes.
Release gates
A release gate is a pass/fail signal used before shipping a change. In AI QA, release gates can be based on reliability flows, red-team attack flows, or bias testing evidence.
Release gates are useful when a team wants to avoid shipping prompt, model, or tool changes that break critical behavior.
Regression testing
Regression testing means rerunning tests after a prompt, model, tool, policy, or configuration change. The goal is to catch behavior that used to pass but now fails, especially in critical flows that teams depend on before launch.
Prompt injection
Prompt injection is an attack where malicious instructions are placed inside user input, retrieved content, tool output, websites, or documents. The goal is to make the AI system ignore trusted instructions and follow attacker-controlled instructions instead.
Prompt injection is usually tested as part of AI red-team testing.
Jailbreak testing
Jailbreak testing checks whether a user can pressure or trick an AI system into ignoring rules. Examples include roleplay, urgency, repetition, authority claims, emotional manipulation, or direct instructions to bypass policy.
Tool abuse
Tool abuse happens when an AI system is manipulated into taking an unsafe or unauthorized action through a connected tool. Examples include unauthorized refunds, account changes, external messages, data access, or workflow execution.
Data extraction
Data extraction is an attempt to make an AI system reveal information it should keep private. Examples include system prompts, API keys, internal policies, customer records, account data, or information from another user.
Social engineering
Social engineering tests whether an AI system can be manipulated through false authority, urgency, impersonation, emotional pressure, or claims of special access. It matters because many unsafe AI behaviors appear when the user sounds convincing rather than technically malicious.
Guardrails
Guardrails are rules or controls intended to keep an AI system within allowed behavior. They can include safety policies, refusal rules, tool restrictions, escalation requirements, content filters, or domain-specific business constraints.
Policy adherence
Policy adherence measures whether an AI system follows the rules it was given. In production, this can include refund policy, medical or legal boundaries, security restrictions, escalation rules, tone requirements, and what actions a system may take.
Tool-call accuracy
Tool-call accuracy checks whether an AI system chooses the right tool, passes valid parameters, uses tool results correctly, and recovers safely when a tool fails. It is especially important for agents and workflows connected to business systems.
Hallucination
A hallucination is a response that invents unsupported facts, fields, sources, tool results, or explanations. In AI QA, hallucinations are tested by checking whether the system only uses available data and asks for missing information instead of guessing.
Human oversight
Human oversight is the process of escalating uncertain, risky, or policy-sensitive cases to a human reviewer. Good AI QA tests whether the system knows when to continue, when to refuse, and when to escalate.
Disparate outcomes
Disparate outcomes occur when equivalent users receive meaningfully different results without a valid reason. In AI systems, this can appear as different refusals, recommendations, approvals, escalation decisions, tone, or answer quality.
Protected attributes
Protected attributes are characteristics such as age, gender, ethnicity, disability, or other sensitive traits depending on jurisdiction and use case. Bias testing often evaluates whether changing one of these attributes changes the AI system's behavior when the underlying task remains equivalent.
Equal treatment
Equal treatment means equivalent users should receive equivalent quality, tone, refusal behavior, recommendations, and outcomes. Bias tests often compare paired scenarios to see whether the AI system changes behavior when only a sensitive attribute changes.
Fairness gap
A fairness gap is a measurable difference in AI behavior across comparable groups or scenarios. It can show up as a difference in helpfulness, refusal rate, sentiment, approval rate, recommendation, escalation, or explanation quality.
Audit evidence
Audit evidence is the record that shows what was tested, how it was tested, what the AI system returned, what check was applied, and whether the result passed or failed. For AI systems, useful evidence includes scenarios, transcripts, tool traces, checks, scores, and flow health over time.
Production monitoring
Production monitoring tracks AI system behavior after launch. For AI QA, this means watching critical flows, rerunning tests on a schedule, detecting regressions, and keeping evidence connected to the tests that produced it.