How AI Fabricated My Entire Client Analysis
The context poisoning problem every professional needs to understand
I was recently using AI for a customer sentiment client project. I attached a CSV file and prompted it analyze the file, and the LLM delivered exactly what I asked for: a clean table with ratings, comments, and summary statistics. The numbers looked reasonable, the customer quotes sounded authentic, and the formatting was perfect.
I was impressed, but something felt too neat, so I decided to verify one comment by searching the CSV.
No match.
I tried another comment. No match.
Turns out the LLM had made the analysis up. I checked the summary statistics, and they were wrong when I verified against the actual figures. Claude had fabricated an entire analysis even with the CSV attached to the conversation.
The extent of the hallucination terrified me, but what scared me more was how professional it looked!
The Hidden RAG Problem in Your Workflow
What you're doing when you upload a CSV and ask questions is essentially informal RAG (Retrieval Augmented Generation). Most people don't realize this, but every time you attach a document and prompt AI about it, you're implementing a basic retrieval system without the safeguards that proper RAG systems include.
Well-designed RAG systems maintain strict source attribution and separate retrieved content from generated analysis. But in conversational AI workflows, these boundaries blur. Conversational workflows create dynamic context where AI outputs become part of the information pool. Without explicit source tracking, AI can't distinguish between what came from your uploaded CSV versus what it generated in earlier turns.
Here's how this cascades into business problems:
Turn 1: AI generates a plausible customer comment
Turn 2: AI references that generated comment as evidence for a trend
Turn 3: AI makes recommendations based on the assumed trend, which influence leadership’s decisions.
This is context poisoning, when AI-generated content gets mixed with source context and treated as equally valid input for subsequent analysis. The AI creates a feedback loop where hallucinated information gets reinforced, while the original data gets buried. Without explicit source tracking, conversational AI systems can’t reliably distinguish between information from the uploaded file vs. content it generated in previous turns.
Practical Techniques to Prevent Hallucination
The key to preventing AI hallucination lies in structuring how data flows through your conversation. Most hallucinations occur when AI encounters uncertainty but generates confident-sounding responses anyway.
The solution isn’t just better prompts, but designing systematic workflows for AI to acknowledge what it knows versus what it doesn’t by creating structures that require it to explicitly map information boundaries:
What data actually exists in your sources
What information might be missing or incomplete
How confident it should be about specific claims
These techniques force the system to admit uncertainty rather than generate plausible-sounding examples.
Let’s walk through some practical systematic approaches that work (no coding needed):
1. Force Source Attribution
Never let AI make claims without showing exactly where information comes from. For my sentiment analysis example, I improved upon my initial prompt ("analyze this customer sentiment dataset") with this:
“Analyze this customer sentiment dataset and show the best and worst comments on food quality. For every example, provide the specific customer ID. If you can’t find clear trends or evidence in the data, say so explicitly.”
This single change significantly reduces hallucinations because AI can't fake specific references to data that actually exists. Requiring citation tracking forces AI to reference specific locations in the source data rather than generating plausible-sounding fabrications.
2. Structure Information Flow with Guardrails
Design prompts that give AI “situational awareness” of your dataset. Instead of free-form analysis, require systematic methodology:
“Analyze this dataset by reasoning through these steps:
How many total records are there? [exact number]
What is the date range? [specific dates]
What customer segments are represented? [list categories]
What data quality issues do you notice? [list any problems or gaps]
What is the average rating? [show your calculation step by step]
What limitations should I know about this analysis?”
This structure prevents AI from jumping to conclusions and forces it to engage with actual data at each step. You're creating information boundaries by helping it acknowledge what it knows versus what it doesn’t.
This requires the AI to build situational awareness before making analytical leaps.
3. Use Model Context Protocol for Direct Data Access
LLMs struggle with math and data manipulation, because they tend to perform pattern-matching from training data rather than perform actual calculations. Model Context Protocol (MCP) gives AI direct access to real tools, which eliminates hallucination risks.
Essential MCPs that eliminate data hallucinations:
Database connectors: Directly query your actual CRM, sales, or analytics databases
Google Sheets/Excel: Pull live data from spreadsheets with formula validation
Web search capabilities: Fact-check claims in real-time against current source
When AI needs customer data, it either finds the record in your database via MCP or returns “not found”, eliminating ground for fabrication. When it needs to calculate statistics, it uses actual math tools rather than pattern-matching. Setting up basic MCPs takes 30-60 minutes depending on your systems.
4. Implementing Context Isolation to Prevent Compound Errors
When working with AI on important analyses, I never let one conversation get too long. Once I hit 20-30 exchanges, I start fresh. Long conversations are where context poisoning thrives: early mistakes become assumptions that influence everything that follows.
For complex projects, I use multiple conversation threads to separate exploration from verification:
Thread 1: initial data exploration and hypothesis generation
Thread 2: Focused verification with specific source citations required
Thread 3: Final synthesis using only verified information
This prevents small errors from compounding into larger ones. The verification thread has no memory of the potentially flawed analysis, so it can't be influenced by earlier hallucinations, leading to more accurate outcomes. In essence, you’re getting a second opinion from an AI that hasn’t been influenced by previous analyses.
Putting It Together
When AI sounds most certain, that's when I’m most skeptical. Perfect results are suspicious, because real data is messy with irregular patterns, edge cases, and uncertainty.
The tools are straightforward to set up: structured prompting templates, conversation threading, and MCPs require no coding knowledge. The goal is to catch AI mistakes before they compound into expensive business decisions. These aren’t just prompting tricks; they’re systematic approaches that address specific failure modes in how conversational AI handles source material.
The next time AI gives you perfectly formatted analysis that confirms all your assumptions, audit your AI analysis by checking 2-3 specific claims against your source data.
How do you prevent hallucination? What's the most convincing AI hallucination you've caught?
I’ve never heard the term context poisoning before it’s a nice way to summarize what’s happening.
Thanks sharing this and your approach to prevent this !
I wanted to build a RAG application to look up research docs. Your piece will come in a nice reference.
I had a similar perfect presentation hallucination not long ago.
I used Shopify’s new AI side kick to generate a sales report for the business owner, everything looks perfect but taking a few minutes to dig into it. Everything was wrong.
Charts from one month, numbers from another
Looked real but was wrong.
Thank you so much for this insightful post on AI