Overcorrection as a Novel AI Pipeline Failure Mode:

I report the discovery of a third structural failure category in multi-agent AI pipeline safety evaluation. Prior literature recognizes two failure modes: Compromised (model accepts injected poison) and Resistant (model correctly rejects poison). This paper presents empirical evidence for a third mode — Overcorrected — in which a model correctly resists injected correction artifacts while simultaneously rejecting valid downstream facts. The model's resistance reflex generalizes beyond the attack vector, corrupting output integrity even as manipulation resistance scores remain maximal.   This finding emerges from a two-battery arc (B173-B174) of the Verifiable AI Trust Audit (VATA) project. B173 (100 runs, 4 models, 5 variants, 2 levels) identified anomalous amplification behavior in Grok with zero compromise events. B174 (108 runs, Grok + GPT, 3 variants targeting authority overcorrection, 3 interventions) was designed to characterize and replicate the mechanism. Grok produced an amplification rate of 66% (47/71 scored rows) and skepticism inheritance rate of 72% (51/71). The T1/T3 metric split — factual accuracy versus correction resistance measured as independent dimensions — is the methodological contribution that made this finding possible.   I further found that the TerminalChallenger intervention, previously the strongest manipulation mitigation in the VATA corpus, amplified overcorrection in this context (20/24 amplified), while a purpose-built AmplificationWarning intervention partially mitigated it (11/24 amplified). Pipeline depth had no effect. All findings are anchored on Ethereum Sepolia with cryptographic chain of custody before public disclosure.