Bird
Raised Fist0
Agentic AIml~8 mins

Input validation and sanitization in Agentic AI - Model Metrics & Evaluation

Choose your learning style10 modes available

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Metrics & Evaluation - Input validation and sanitization
Which metric matters for Input validation and sanitization and WHY

For input validation and sanitization, the key metrics are False Positive Rate and False Negative Rate. These show how often bad inputs are wrongly accepted or good inputs are wrongly rejected. Minimizing false negatives is critical to avoid security risks, while minimizing false positives keeps the system user-friendly.

Confusion matrix for Input validation and sanitization
      | Predicted Valid | Predicted Invalid |
      |-----------------|-------------------|
      | True Valid (TV)  | False Invalid (FI) |
      | False Valid (FV) | True Invalid (TI)  |

      Total inputs = TV + FI + FV + TI

      - True Valid (TV): Correctly accepted good inputs
      - False Invalid (FI): Good inputs wrongly rejected
      - False Valid (FV): Bad inputs wrongly accepted
      - True Invalid (TI): Correctly rejected bad inputs
    
Tradeoff: Precision vs Recall in Input validation

Precision here means how many accepted inputs are actually good. High precision means few bad inputs get through.

Recall means how many good inputs are accepted out of all good inputs. High recall means few good inputs are wrongly blocked.

Example: If you block too many inputs to be safe, recall drops (good inputs rejected). If you accept too many inputs, precision drops (bad inputs accepted).

Balance depends on use case: For security, prioritize precision (block bad inputs). For user experience, prioritize recall (accept good inputs).

Good vs Bad metric values for Input validation
  • Good: Precision > 0.95 and Recall > 0.90 means most bad inputs blocked and most good inputs accepted.
  • Bad: Precision < 0.70 means many bad inputs get through, risking security.
  • Bad: Recall < 0.70 means many good inputs are blocked, frustrating users.
Common pitfalls in Input validation metrics
  • Accuracy paradox: If bad inputs are rare, high accuracy can hide poor detection of bad inputs.
  • Data leakage: Using test inputs that are too similar to training can inflate metrics falsely.
  • Overfitting: Model may block only known bad inputs but fail on new types.
  • Ignoring user impact: High false invalid rate frustrates users even if security is strong.
Self-check question

Your input validation model has 98% accuracy but only 12% recall on good inputs. Is it good for production? Why or why not?

Answer: No, it is not good. The low recall means most good inputs are wrongly blocked, causing poor user experience despite high accuracy.

Key Result
For input validation, balancing high precision (blocking bad inputs) and high recall (accepting good inputs) is key to secure and user-friendly systems.

Practice

(1/5)
1. What is the main purpose of input validation in machine learning systems?
easy
A. To train the model with new data
B. To clean the data by removing unwanted characters
C. To check if the input data is the correct type and format
D. To store data securely in a database

Solution

  1. Step 1: Understand input validation

    Input validation means checking if the data is the right type and format before using it.
  2. Step 2: Differentiate from sanitization

    Input sanitization cleans data, but validation focuses on correctness and format.
  3. Final Answer:

    To check if the input data is the correct type and format -> Option C
  4. Quick Check:

    Input validation = Check data type and format [OK]
Hint: Validation means checking data type and format [OK]
Common Mistakes:
  • Confusing validation with sanitization
  • Thinking validation trains the model
  • Assuming validation stores data
2. Which of the following is the correct way to validate that an input is a positive integer in Python?
easy
A. if isinstance(input_value, int) and input_value > 0:
B. if type(input_value) == 'int' and input_value > 0:
C. if input_value.isdigit() and input_value > 0:
D. if input_value > 0:

Solution

  1. Step 1: Check type correctly

    Use isinstance(input_value, int) to check if input is an integer.
  2. Step 2: Check positivity

    Ensure the integer is greater than zero with input_value > 0.
  3. Final Answer:

    if isinstance(input_value, int) and input_value > 0: -> Option A
  4. Quick Check:

    Use isinstance and > 0 for positive integer check [OK]
Hint: Use isinstance() to check type, then compare value [OK]
Common Mistakes:
  • Using type() == 'int' (wrong syntax)
  • Calling isdigit() on non-string input
  • Skipping type check before comparison
3. Given the code below, what will be the output?
def sanitize_input(text):
    return text.strip().lower()

user_input = '  Hello World!  '
cleaned = sanitize_input(user_input)
print(cleaned)
medium
A. Hello World!
B. !dlroW olleH
C. HELLO WORLD!
D. hello world!

Solution

  1. Step 1: Understand strip()

    The strip() method removes spaces from the start and end of the string.
  2. Step 2: Understand lower()

    The lower() method converts all letters to lowercase.
  3. Final Answer:

    hello world! -> Option D
  4. Quick Check:

    strip + lower = 'hello world!' [OK]
Hint: strip removes spaces, lower makes all letters small [OK]
Common Mistakes:
  • Ignoring strip() effect on spaces
  • Confusing lower() with upper()
  • Expecting original casing in output
4. Identify the error in this input validation code snippet:
def validate_age(age):
    if age.isdigit() and age > 0:
        return True
    else:
        return False
medium
A. Comparing string with integer using > operator
B. Using isdigit() on a non-string type
C. Missing return statement in else block
D. Function name is invalid

Solution

  1. Step 1: Check isdigit() usage

    isdigit() works on strings, so age should be a string here.
  2. Step 2: Identify type mismatch in comparison

    Comparing age > 0 compares string to int, which causes error.
  3. Final Answer:

    Comparing string with integer using > operator -> Option A
  4. Quick Check:

    String > int comparison causes error [OK]
Hint: Check types before comparing values [OK]
Common Mistakes:
  • Assuming isdigit() converts type
  • Ignoring type mismatch in comparisons
  • Thinking function name affects validation
5. You receive user data as a list of strings representing ages: ['25', ' 30', 'twenty', '40', '']. Which code snippet correctly validates and sanitizes this data to keep only valid positive integers?
hard
A. valid_ages = [age for age in ages if age.isdigit() and age > 0]
B. valid_ages = [int(age.strip()) for age in ages if age.strip().isdigit() and int(age.strip()) > 0]
C. valid_ages = [int(age) for age in ages if age.isnumeric()]
D. valid_ages = [int(age) for age in ages if age.strip() != '']

Solution

  1. Step 1: Sanitize input by stripping spaces

    Use age.strip() to remove spaces before validation.
  2. Step 2: Validate with isdigit() and positive check

    Check if stripped string is digits only and convert to int to check > 0.
  3. Step 3: Convert valid strings to integers

    Use int(age.strip()) to convert valid strings to integers.
  4. Final Answer:

    valid_ages = [int(age.strip()) for age in ages if age.strip().isdigit() and int(age.strip()) > 0] -> Option B
  5. Quick Check:

    Strip spaces, check digits, convert to int > 0 [OK]
Hint: Strip spaces before isdigit(), then convert and check > 0 [OK]
Common Mistakes:
  • Not stripping spaces before validation
  • Comparing strings directly to numbers
  • Including empty or non-digit strings