{ "version": "1.22.1", "updated_utc": "2026-06-29T02:15:00Z", "boundary": "Cognivirus.com is the risk-analysis side. ModelBreeder.com can explore constructive possibility. This register translates possibility mechanics into risk surfaces and defensive controls.", "riskCategories": [ { "id": "candidate-swarm", "title": "Candidate swarm risk", "evidenceLevel": "Strong architectural inference", "risk": "A population of generated descendants can exceed the review capacity of the team that must evaluate them.", "whyItMatters": "A model-breeding loop can create more candidates, adapter stacks, prompts, and route variants than ordinary component review can cover.", "signals": [ "large generation batches", "unreviewed candidates", "batch promotion", "score-only triage" ], "controls": [ "candidate quotas", "generation ledger", "hard freeze on autonomous promotion", "review backlog threshold" ] }, { "id": "fitness-proxy-capture", "title": "Fitness proxy capture", "evidenceLevel": "Strong architectural inference", "risk": "Candidates evolve toward whatever is measured, not necessarily what operators intended.", "whyItMatters": "FitnessVector dashboards and composite viability scores can turn narrow proxy performance into apparent broad trust.", "signals": [ "one composite score", "hidden metric weights", "no disagreement record", "metric improvement with user-quality complaints" ], "controls": [ "independent evaluators", "hidden-test rotation", "judge disagreement log", "no-op release option" ] }, { "id": "novelty-overreward", "title": "Novelty overreward", "evidenceLevel": "Strong architectural inference", "risk": "Novel behavior can be rewarded because it is different, even when it is brittle, unsafe, or uninterpretable.", "whyItMatters": "Quality-diversity and novelty archives are useful discovery tools, but novelty without safety boundaries can preserve odd failure modes.", "signals": [ "novelty used as promotion input", "unexplained behavior clusters", "weak descriptors", "no human-readable rationale" ], "controls": [ "novelty quarantine", "descriptor review", "behavioral safety labels", "archive without promotion" ] }, { "id": "speciation-niche-blindness", "title": "Speciation niche blindness", "evidenceLevel": "Strong architectural inference", "risk": "Niche specialists can accumulate unreviewed capabilities because each niche appears small and harmless.", "whyItMatters": "A bounded specialist ecology can be good engineering; it also multiplies evidence obligations across contexts.", "signals": [ "many small specialists", "local-only tests", "cross-niche routing", "no niche owner" ], "controls": [ "niche inventory", "cross-niche composition tests", "route-specific owners", "retirement criteria per species" ] }, { "id": "multi-parent-lineage-laundering", "title": "Multi-parent lineage laundering", "evidenceLevel": "Strong architectural inference", "risk": "Multi-parent merges can obscure which parent, adapter, prompt, or dataset introduced a behavior.", "whyItMatters": "When more parents enter a merge, provenance becomes graph-shaped. Single-source attribution is usually false.", "signals": [ "N-way merge", "missing parent hashes", "missing load-order record", "undocumented merge operator" ], "controls": [ "parent hash list", "operator manifest", "layer-level source map where possible", "rollback to pre-merge parents" ] }, { "id": "adapter-micro-carrier", "title": "Adapter micro-carrier risk", "evidenceLevel": "Security-framework consensus", "risk": "Small adapters, LoRA deltas, and PEFT modules can move trust-impacting behavior without changing the base model file.", "whyItMatters": "The smallest component may be the most portable carrier.", "signals": [ "external adapters", "unsigned deltas", "opaque rankings", "adapter marketplace imports" ], "controls": [ "adapter signing", "supplier review", "SBOM/ML-BOM", "stack-specific evaluation" ] }, { "id": "edge-dispersion", "title": "Edge and browser dispersion", "evidenceLevel": "Strong architectural inference", "risk": "Local-first and browser-native execution can distribute state, caches, adapters, and logs across machines where central inventory is weaker.", "whyItMatters": "Local privacy and resilience are useful, but they can also make retirement and rollback harder.", "signals": [ "offline runs", "local adapter cache", "browser-side model state", "unreported local prompts" ], "controls": [ "local manifest export", "cache inventory", "signed update channel", "retirement receipt" ] }, { "id": "runtime-memory-leakage", "title": "Runtime memory leakage and residue", "evidenceLevel": "Strong architectural inference", "risk": "KV caches, paged attention blocks, GPU memory, browser workers, and persistent caches can retain sensitive or behavior-shaping residue.", "whyItMatters": "A clean prompt boundary is incomplete if runtime state can be reused, leaked, or misattributed.", "signals": [ "shared worker pools", "prefix cache reuse", "paged cache bugs", "cross-agent memory reuse" ], "controls": [ "cache ownership", "explicit zeroization where feasible", "session partitioning", "runtime residue tests" ] }, { "id": "custom-parser-and-allocator-risk", "title": "Custom parser and allocator risk", "evidenceLevel": "Strong architectural inference", "risk": "Zero-dependency code can reduce third-party supply-chain exposure while increasing responsibility for every custom binary parser, allocator, decoder, and tokenizer.", "whyItMatters": "Owning the code path does not eliminate defects; it moves defects into the local trust boundary.", "signals": [ "custom model format", "custom tokenizer", "custom allocator", "unchecked binary headers" ], "controls": [ "format fuzzing", "bounds checks", "manifest parity", "test corpus", "reproducible builds" ] }, { "id": "synthetic-feedback-selection", "title": "Synthetic feedback selection", "evidenceLevel": "Demonstrated research proof-of-concept", "risk": "Recursive synthetic data can preserve distortions and erase rare information if source labels and fresh data are weak.", "whyItMatters": "A breeding loop that feeds descendants with prior descendant outputs may lock in the wrong distribution.", "signals": [ "unlabeled synthetic data", "model-generated eval examples", "declining rare-case recall", "self-training loops" ], "controls": [ "synthetic-origin labels", "fresh-data quota", "rare-case holdouts", "data quarantine" ] }, { "id": "dashboard-trust-theater", "title": "Dashboard trust theater", "evidenceLevel": "Strong architectural inference", "risk": "A polished evolution dashboard can make a weak evidence state look controlled.", "whyItMatters": "Population tables, graphs, and badges must expose uncertainty rather than compress it away.", "signals": [ "green status without evidence", "chart-only decision", "no source links", "no what-is-not-proven panel" ], "controls": [ "visible evidence labels", "source links", "boundary panels", "disagreement and skipped-check sections" ] }, { "id": "modelbreeder-cognivirus-boundary-confusion", "title": "ModelBreeder / Cognivirus boundary confusion", "evidenceLevel": "Strong architectural inference", "risk": "Possibility-side language can leak into the risk site and make Cognivirus sound like it endorses uncontrolled evolution.", "whyItMatters": "The two sites should complement each other: ModelBreeder explores governed capability; Cognivirus analyzes failure modes and controls.", "signals": [ "benefit-first copy on risk pages", "risk warnings removed", "risk controls not linked", "unclear site role" ], "controls": [ "risk-side boundary note", "separate possibility links", "Cognivirus controls first", "source-bounded claim labels" ] } ], "sourceReports": [ "Modelbreeder Architecture and Resources Part 2(1).md", "ModelBreeder Architecture and Projects(1).md", "ModelBreeder Architecture and Resources(1).md", "Model Breeder Architecture Deep Dive(1).md", "ModelBreeder Architecture Exploration(1).md", "Exploring Ecology Dashboard Architecture(1).md", "Zero-Dependency Rust LLM Improvements.md", "Cognivirus Apex Threat Research Expansion.md", "Apex Threat content on Cognivirus.md" ] }