Passing tests ≠ safe code

One thing we learned the hard way:

Passing tests doesn’t mean your code is safe.

We had a PR that:

- had good test coverage

- passed CI

- looked well structured

Still caused a production issue.

Why?

Tests only covered expected paths.

The real failure came from an untested edge case.

And during review, nothing looked suspicious.

That’s the tricky part —

you’re not reviewing what’s missing.

After seeing this multiple times, it became clear:

CI validates correctness,

but not necessarily risk.

That’s where we started experimenting with adding a “risk layer” before merge (what became MergAI).

Curious how others handle this:

Do you rely on test coverage as a signal of safety?

Or have you seen it fail like this?