Why do AI agents hallucinate company positioning?

Usually they do not invent anything. They accurately retrieve a stale or unverified claim from a document and state it with full fluency. The failure is in the source layer, not the model, so the fix is governing the source rather than rewriting prompts.

Can a better prompt stop an AI agent from getting positioning wrong?

No. A longer prompt cannot override a stale document or enforce that a human verified a claim. The constraint has to live in the schema: a source-type ceiling that caps what an unverified claim is allowed to assert, enforced before the agent answers.

What is a source-type ceiling?

A schema rule that caps a claim's confidence by how it was sourced. A human-verified fact can be stated plainly. An AI-extracted or third-party-derived claim is capped, so model certainty cannot override the absence of human verification at the data layer.

How does grounding differ from giving each agent a RAG index?

RAG retrieves the best keyword match from scattered documents, including stale ones, per agent. Grounding points every agent at one typed, source-attributed, confidence-scored, versioned layer, so they share the same governed answer instead of each guessing from prose.

How to stop AI agents from hallucinating your company positioning

A VP of GTM reads a deal post-mortem and finds the line that lost it: an AI agent told a prospect the product does something it deprecated two quarters ago. The instinct is to blame the model for hallucinating. The instinct is wrong, and chasing it wastes the next quarter.

The Commercial Truth manifesto argues that marketing is the only commercial function that never got infrastructure. Engineering has version control, finance has the ledger, and both make their outputs sourced, versioned, and auditable. Positioning still lives in docs, so the AI agents reading those docs inherit the drift.

That is the real shape of the problem. The agent did not invent a feature; it accurately retrieved a claim that was true once and is wrong now. As the founder essay series puts it, the question is not why the model lied — it is why your AI is right about half the time, and why that is structural (Source: founder essay series, Essay 5).

Why the conventional answer is wrong

The conventional fix is prompt engineering. Write a longer system prompt, paste in more background, add a “only use approved messaging” instruction, and hope each vendor’s agent behaves. Teams run this play across five to ten agents and the drift returns within weeks.

It returns because the diagnosis is wrong. Most agent errors in a revenue stack are not model errors; they are source errors — the agent retrieves a stale fact from your own records and reports it with complete confidence (Source: “AI Doesn’t Hallucinate About Your Product,” Assay essay 23). A prompt cannot fix a source; it can only ask the model to be more careful with a document that is already wrong.

The second conventional answer is observability — log what every agent said, alert on anomalies, review the transcripts. That layer is real and useful, but it is retrospective. Agent observability tools tell you what the agent said; they do not enforce what it should have said before the claim reaches the prospect (Source: agent-control-plane spec, ACP-01).

The third answer — the quiet default, and the worst of the three — is to give each agent its own retrieval index over the company’s documents. Retrieval looks for the closest keyword match, not the current truth, so when two versions of a battlecard exist it often returns the longer, older one (Source: Assay essay 23). Five agents with five indexes over the same scattered folders produce five versions of your company.

The substrate-level approach

The fix is not a better model. It is moving company positioning out of documents and into a governed substrate that every agent reads from.

In that substrate, every commercial claim is a typed node — a positioning statement, a competitive talk track, a pricing tier — rather than a sentence buried in a deck. Each node carries a source type, a confidence score, a version, and a freshness window (Source: agent-control-plane spec, ACP-01). The structure is what carries the meaning, so the agent is not left to interpret sixty pages of prose under pressure.

The load-bearing primitive is the source-type ceiling. A claim’s confidence is capped by how it was sourced: a human-verified fact can be stated plainly, while an AI-extracted or third-party-derived claim is capped below it (Source: founder essay series, Essay 5, beat 2). This is the part prompt engineering can never reach — “the model was confident” cannot override “no human has verified this,” because the constraint is enforced in the schema, not requested in a prompt.

Every agent then queries that one layer through a shared interface instead of keeping a private knowledge base. When the canon changes, every agent picks up the change on its next query — no coordination meeting, no “did sales see the new positioning” Slack thread (Source: agent-control-plane spec, ACP-01). This is the same idea behind why every AI agent needs a source of truth.

Seven steps to ground your agents

Inventory every agent that speaks for you. List each AI tool that emits a customer-facing or internal commercial claim — outbound, CRM assist, conversation intelligence, customer success, deal desk. You cannot govern what you have not counted, and most teams undercount.
Extract positioning from docs into typed claims. Convert the assertions scattered across decks, wikis, and prompts into discrete nodes: one claim, one node. This is the step that ends the document-as-container era and makes a claim addressable.
Attach a source type to every claim. Mark each node human-verified, AI-extracted, or third-party-derived, and set the confidence ceiling accordingly (Source: founder essay series, Essay 5). A claim with no human behind it is not allowed to speak as if one stood behind it.
Set freshness windows. Give each claim a verification date and a decay rule, so a fact that has not been re-verified is flagged or locked rather than served (Source: Assay essay 23). Stale-but-plausible is the failure mode that erodes trust, so it has to expire by default.
Point every agent at the one layer. Replace per-vendor retrieval indexes with a query against the shared substrate, so each agent reads the same governed claim instead of its own copy (Source: agent-control-plane spec, ACP-01). One source, many readers.
Add a policy gate before the agent answers. Enforce rules such as “no agent quotes pricing without querying the canon” and “no agent uses a claim below the confidence threshold,” and serve an approved alternative or a human handoff when a query fails (Source: agent-control-plane spec, ACP-01). The gate runs before the prospect sees the claim, not after.
Make propagation automatic. When the canon changes, cascade the update so every dependent surface and agent is flagged on its next read, instead of relying on someone to remember to tell five tools (Source: agent-control-plane spec, ACP-01).

What good looks like

When the substrate is in place, a positioning change is one edit in one place that propagates to every agent. The Head of PMM stops being a librarian chasing forty-seven copies and starts being a strategist who edits the canon once (Source: founder essay series, Essay 4 framing).

The agents stop disagreeing because they are no longer guessing — they read the same typed, sourced, versioned claim. A VP of GTM can answer the question the deal desk and Counsel keep asking — what is every AI tool actually telling prospects — by pointing at one coverage view rather than a forensic transcript hunt (Source: agent-control-plane spec, ACP-01).

The honesty also becomes visible. When the data behind a claim is not there yet, the answer is “not yet” with a capped confidence, rather than a fabricated point estimate stated with false certainty (Source: founder essay series §Cross-arc mechanics). That posture is the difference between an agent that sounds right and one that is grounded.

Anti-patterns to avoid

Do not solve it with a bigger prompt. A prompt is a request; a stale source is a fact, and the fact wins (Source: Assay essay 23). If your only lever is the system prompt, you have not fixed the source layer.

Do not mistake observability for grounding. Logging what an agent said is necessary, but a dashboard of past mistakes does not stop the next one — enforcement has to sit upstream of the answer, not downstream of it (Source: agent-control-plane spec, ACP-01).

Do not let model confidence set the bar. An agent delivers everything with the same fluent authority, so a claim that is 95% likely and one that is unverified sound identical unless the schema says otherwise (Source: Assay essay 23). The ceiling has to come from the source type, not the model’s tone.

Do not accept “close enough.” In the pre-AI world a human rep hedged and corrected in real time; an agent making thousands of calls a day with no hedge turns a small error rate into a large absolute number — a 95%-accurate agent making 5,000 calls a day is 250 wrong calls (Source: founder essay series, Essay 5, close).

Closes / opens

Closes the LSO §E question of how to stop AI agents from hallucinating company positioning: you do not patch the model, you govern the source it reads from, capping claims by source type and propagating one canon to every agent.

Opens the follow-on question for RevOps and Counsel: once every agent reads from one governed layer, how do you produce an on-demand, regulator-facing record of exactly what each agent said, why, and which claim it was grounded in?

This is the capability the methodology Assay is developing for the Commercial Truth Index aims to measure — whether the substance an agent emits is grounded, calibrated, coherent, and auditable.

This essay is grounded in the founder essay series (Essay 5), the agent-control-plane spec, and the “AI Doesn’t Hallucinate About Your Product” essay. Methodology for the Commercial Truth Index is in development.