Whitepaper: The judgment problem in AI-generated API test suites

riyajoshi2 pts0 comments

Building Adaptive Coverage Systems for API Testing | KushoAI

Executive Summary

AI has made test generation faster, but faster generation has not solved coverage quality. Teams can produce more tests than ever and still miss the cases that matter: important edge cases, cross-field behavior, weak assertions, and suites that fall out of date as systems change.

The underlying shift is from static test suites to adaptive coverage systems. An adaptive coverage system ingests product context, plans coverage, generates executable tests, validates them through execution, learns from corrections, and updates suites as the software changes. The hard part is not generating valid tests. It is teaching the system what a QA engineer considers useful, relevant, non-redundant, and appropriately scoped.

KushoAI's architecture is one instance of that pattern. It separates QA judgment from execution mechanics. Fine-tuned models decide test and assertion intent. Frontier models handle payloads, code, framework-specific output, and execution support. Execution feedback and human corrections improve the system over time.

As one public evaluation anchor, APIEval-20 shows that the gap in AI-generated API tests appears most clearly on complex bugs involving relationships between fields, not on simple schema-level mutations. That finding frames the rest of this paper. The difference between a fast test generator and a useful one is judgment about what to test and what to assert, and the architecture described here is built to encode that judgment and validate it.

From Static Test Suites to Adaptive Coverage Systems

Traditional test automation assumes that humans define coverage and tools execute it. AI-native testing changes that assumption. The system now helps decide what coverage should exist, validates whether generated tests are useful, and maintains suites as software changes.

Static suites degrade for reasons that have little to do with how carefully they were written:

APIs change, and endpoints gain or lose fields.

Workflows evolve, and new dependencies appear.

Authentication and authorization behavior shifts.

Schemas drift away from the tests written against them.

Edge cases missed at authoring time are never added.

Tests go stale and stop reflecting current behavior.

Teams patch the suites they have instead of expanding coverage.

The result is familiar: coverage that looks adequate on paper and erodes in practice. An adaptive coverage system treats coverage as something to plan, validate, and maintain continuously rather than author once.

Why Faster Test Generation Is Not Enough

Generating tests quickly is now easy. Generating a good test suite is not. When general-purpose models were used across the full pipeline, six failure modes appeared in production.

Over-generation. The model would produce 20 to 30 cases where 8 would have been sufficient. Many were plausible but not meaningfully distinct, and the excess made suites harder to review and trust.

Under-generation. In other cases the model missed obvious scenarios: omitted required fields, invalid enum values, boundary values, malformed formats, missing authentication cases, expected error responses.

Redundancy. The model generated several tests that checked the same behavior through slightly different wording or payloads, treating "invalid value," "incorrect value," and "unsupported value" as three cases when they mapped to one check.

Inconsistency. Two structurally similar endpoints could receive very different treatment, one balanced across positive, negative, and boundary coverage, the other sparse or bloated.

Weak assertions. Generated tests often check that a response exists or matches a broad schema but miss the behavior that actually matters.

Poor relationship testing. Many generated tests mutate fields independently and miss failures that appear when individually valid fields combine into an invalid state.

These are not failures of syntax or API knowledge. They are failures of coverage judgment. A model can generate valid tests and still produce a weak test suite.

API Testing as a Judgment Problem

The pattern across those failure modes points to a single cause. The models already knew what APIs were, what HTTP methods and request bodies were, and what schema validation meant. What they lacked was the judgment to decide how much testing is appropriate, which scenarios carry the most risk, which cases are redundant, and how to stay consistent across similar endpoints.

API test generation is therefore a calibration problem before it is a knowledge problem. The knowledge is broadly shared across current models. The judgment about what deserves to be tested, and how thoroughly, is the part that separates a fast generator from a useful one. The rest of this paper is about how to encode that judgment and how to validate it.

Why Prompting Helps but Plateaus

Before fine-tuning, the team worked the problem through prompting: structured...

coverage test tests judgment suites cases

Related Articles