My agent leaked a customer's email address to another customer on day three. This was not a hypothetical scenario from a conference talk. It was my code, running in production, doing something I never tested for.