In plain English
This page explains where an AI behavior can live. It may be in a model, but it may also be in a prompt, memory record, adapter, dataset, tool setting, evaluator rule, or human workflow.
- Why this matters: AI risk can come from the whole arrangement, not one obvious model.
- What to look for: data, memory, routes, adapters, tools, evaluators, updates, and rollback paths.
- Technical version below: the expert terminology remains available and is linked through the glossary.
Report-Derived Threat Surface
The latest report corpus expands the ecological attack surface (glossary: the combined attack surface created by models, adapters, communications, memory, tools, routing, evaluation, lineage, release infrastructure, and human operations). It is no longer enough to list model weights and prompts. The threat surface includes artifact, runtime, data, governance, infrastructure, and human-incentive layers.
The reports now feed the public system map.
Raw reports remain in /docs. Public pages use bounded concepts: transition graphs, adapter reproduction, persistence reservoirs, evaluator drift, execution-time controls, and human-incentive boundaries.
| Layer | Examples |
|---|---|
| Artifact | base weights, adapters, quantization state, tokenizer, model file format |
| Runtime | router, load order, inference config, context window, tool profile (the set of external actions an AI system is allowed to take) |
| Data | memory, logs, synthetic examples, distillation sets, retained traces |
| Governance | evaluator (a system that judges whether an AI output or candidate is acceptable), hidden tests, registry, signing keys, release aliases |
| Infrastructure | package managers, CI/CD, GPU pools, model hubs, browser cache |
| Human | approval fatigue, social status, dependency, operator understanding |
Use
This page helps reviewers decide whether a proposed change affects only one component or a broader ecology. Every layer can carry behavioral residue (information or tendencies left in memory, synthetic data, traces, evaluator preferences, or subsequent training material after a component is retired).
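The review question above (one component or a broader ecology, and which reservoirs may hold residue once a component is retired) can be made mechanical with a small system map. The following is an added example, not code from the page or the project it describes; the components, their layer assignments, and the influence edges are constructed for illustration.

```python
from collections import deque

# Constructed example system map: component -> threat-surface layer (see the layer table)
LAYERS = {
    "base_weights": "artifact", "adapter_v2": "artifact",
    "router": "runtime", "tool_profile": "runtime",
    "memory_store": "data", "retained_traces": "data", "distill_set": "data",
    "evaluator": "governance", "registry": "governance",
    "model_hub": "infrastructure",
    "approver": "human",
}

# Constructed directed edges: "x -> y" means behaviour or data flows from x into y.
# The cycles (memory -> router, distillation -> adapter) are the persistence loops.
FLOWS = {
    "model_hub": ["base_weights", "adapter_v2"],
    "base_weights": ["router"],
    "adapter_v2": ["router"],
    "router": ["memory_store", "retained_traces", "tool_profile"],
    "memory_store": ["router"],               # memory is re-injected into prompts
    "retained_traces": ["distill_set", "evaluator"],
    "distill_set": ["adapter_v2"],            # retraining loop back into an artifact
    "evaluator": ["registry", "approver"],
    "registry": ["router"],                   # release alias decides what the router loads
}

def downstream(component):
    """Breadth-first search over FLOWS; every component that `component` can influence."""
    seen, queue = set(), deque([component])
    while queue:
        for nxt in FLOWS.get(queue.popleft(), []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen - {component}  # a cycle back to the start is not a new component

def change_scope(component):
    """Layers a change to `component` can reach, including its own layer."""
    return {LAYERS[c] for c in downstream(component) | {component}}

def residue_reservoirs(component):
    """Data and governance components that may keep the component's behaviour after retirement."""
    return sorted(c for c in downstream(component) if LAYERS[c] in ("data", "governance"))

def review_verdict(component):
    layers = change_scope(component)
    return "single-component" if len(layers) == 1 else f"ecological ({len(layers)} layers)"

if __name__ == "__main__":
    for c in ("tool_profile", "adapter_v2"):
        print(c, review_verdict(c), residue_reservoirs(c))
```

Retiring `adapter_v2` in this map still leaves its behaviour reachable through traces, the distillation set, the evaluator, and the registry, which is the rollback-path check the page asks reviewers to make.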