icdev 1.0.0__py3-none-any.whl
- icdev/__init__.py +18 -0
- icdev/_paths.py +85 -0
- icdev/_version.py +3 -0
- icdev/data/__init__.py +1 -0
- icdev/data/args/__init__.py +1 -0
- icdev/data/args/agent_authority.yaml +61 -0
- icdev/data/args/agent_config.yaml +355 -0
- icdev/data/args/agentic_fitness.yaml +31 -0
- icdev/data/args/ai_governance_config.yaml +137 -0
- icdev/data/args/atlas_critique_config.yaml +66 -0
- icdev/data/args/bedrock_models.yaml +63 -0
- icdev/data/args/cicd_config.yaml +82 -0
- icdev/data/args/classification_config.yaml +232 -0
- icdev/data/args/cli_config.yaml +154 -0
- icdev/data/args/cloud_config.yaml +63 -0
- icdev/data/args/code_pattern_config.yaml +151 -0
- icdev/data/args/code_quality_config.yaml +47 -0
- icdev/data/args/companion_registry.yaml +202 -0
- icdev/data/args/context_config.yaml +82 -0
- icdev/data/args/csp_monitor_config.yaml +268 -0
- icdev/data/args/cui_markings.yaml +35 -0
- icdev/data/args/db_config.yaml +40 -0
- icdev/data/args/deployment_profiles.yaml +248 -0
- icdev/data/args/dev_profile_config.yaml +144 -0
- icdev/data/args/devsecops_config.yaml +286 -0
- icdev/data/args/endpoint_security_config.yaml +137 -0
- icdev/data/args/extension_config.yaml +79 -0
- icdev/data/args/file_access_tiers.yaml +88 -0
- icdev/data/args/framework_registry.yaml +415 -0
- icdev/data/args/innovation_config.yaml +431 -0
- icdev/data/args/installation_manifest.yaml +1087 -0
- icdev/data/args/llm_config.yaml +495 -0
- icdev/data/args/maintenance_config.yaml +55 -0
- icdev/data/args/memory_config.yaml +83 -0
- icdev/data/args/monitoring_config.yaml +127 -0
- icdev/data/args/mosa_config.yaml +190 -0
- icdev/data/args/nlq_config.yaml +35 -0
- icdev/data/args/observability_config.yaml +39 -0
- icdev/data/args/observability_tracing_config.yaml +170 -0
- icdev/data/args/oscal_tools_config.yaml +43 -0
- icdev/data/args/owasp_agentic_config.yaml +171 -0
- icdev/data/args/phase_registry.yaml +618 -0
- icdev/data/args/project_defaults.yaml +235 -0
- icdev/data/args/prompt_chains.yaml +163 -0
- icdev/data/args/resilience_config.yaml +50 -0
- icdev/data/args/ricoas_config.yaml +191 -0
- icdev/data/args/role_personas.yaml +362 -0
- icdev/data/args/scaling_config.yaml +176 -0
- icdev/data/args/security_gates.yaml +685 -0
- icdev/data/args/skill_injection_config.yaml +322 -0
- icdev/data/args/spec_config.yaml +53 -0
- icdev/data/args/supply_chain_config.yaml +76 -0
- icdev/data/args/translation_config.yaml +228 -0
- icdev/data/args/workflow_templates/ato_acceleration.yaml +54 -0
- icdev/data/args/workflow_templates/build_deploy.yaml +63 -0
- icdev/data/args/workflow_templates/full_compliance.yaml +43 -0
- icdev/data/args/workflow_templates/security_hardening.yaml +55 -0
- icdev/data/args/worktree_config.yaml +34 -0
- icdev/data/args/zta_config.yaml +247 -0
- icdev/data/context/__init__.py +1 -0
- icdev/data/context/agent/__init__.py +1 -0
- icdev/data/context/agent/response_schemas/__init__.py +1 -0
- icdev/data/context/agent/response_schemas/debate_position.json +46 -0
- icdev/data/context/agent/response_schemas/fitness_scorecard.json +74 -0
- icdev/data/context/agent/response_schemas/review_decision.json +39 -0
- icdev/data/context/agent/response_schemas/task_decomposition.json +82 -0
- icdev/data/context/agent/response_schemas/veto_decision.json +40 -0
- icdev/data/context/agentic/__init__.py +1 -0
- icdev/data/context/agentic/architecture_patterns.md +269 -0
- icdev/data/context/agentic/capability_registry.yaml +202 -0
- icdev/data/context/agentic/csp_mcp_registry.yaml +280 -0
- icdev/data/context/agentic/fitness_rubric.md +56 -0
- icdev/data/context/agentic/governance_baseline.md +205 -0
- icdev/data/context/ci/__init__.py +1 -0
- icdev/data/context/ci/worktree_templates.json +44 -0
- icdev/data/context/cloud/__init__.py +1 -0
- icdev/data/context/cloud/csp_service_registry.json +739 -0
- icdev/data/context/compliance/__init__.py +1 -0
- icdev/data/context/compliance/atlas_mitigations.json +293 -0
- icdev/data/context/compliance/atlas_techniques.json +833 -0
- icdev/data/context/compliance/cisa_sbd_requirements.json +432 -0
- icdev/data/context/compliance/cjis_security_policy.json +522 -0
- icdev/data/context/compliance/cmmc_practices.json +2494 -0
- icdev/data/context/compliance/cmmc_report_template.md +142 -0
- icdev/data/context/compliance/cnssi_1253_overlay.json +109 -0
- icdev/data/context/compliance/control_crosswalk.json +1914 -0
- icdev/data/context/compliance/control_families/__init__.py +1 -0
- icdev/data/context/compliance/csp_certifications.json +251 -0
- icdev/data/context/compliance/cssp_report_template.md +193 -0
- icdev/data/context/compliance/cui_templates/__init__.py +1 -0
- icdev/data/context/compliance/cui_templates/banner_block.txt +4 -0
- icdev/data/context/compliance/cui_templates/code_header.txt +8 -0
- icdev/data/context/compliance/cui_templates/document_template.md +35 -0
- icdev/data/context/compliance/data_type_framework_map.json +321 -0
- icdev/data/context/compliance/data_type_registry.json +147 -0
- icdev/data/context/compliance/dod_cssp_8530.json +463 -0
- icdev/data/context/compliance/eu_ai_act_annex_iii.json +108 -0
- icdev/data/context/compliance/export_templates/__init__.py +1 -0
- icdev/data/context/compliance/export_templates/emass_controls.csv.j2 +4 -0
- icdev/data/context/compliance/export_templates/evidence_package.md.j2 +39 -0
- icdev/data/context/compliance/export_templates/executive_summary.md.j2 +55 -0
- icdev/data/context/compliance/export_templates/poam_tracking.csv.j2 +4 -0
- icdev/data/context/compliance/fedramp_20x_ksi_schemas.json +133 -0
- icdev/data/context/compliance/fedramp_high_baseline.json +4370 -0
- icdev/data/context/compliance/fedramp_moderate_baseline.json +2183 -0
- icdev/data/context/compliance/fedramp_report_template.md +181 -0
- icdev/data/context/compliance/fips_200_areas.json +362 -0
- icdev/data/context/compliance/gao_ai_accountability.json +262 -0
- icdev/data/context/compliance/hipaa_security_rule.json +720 -0
- icdev/data/context/compliance/hitrust_csf_v11.json +930 -0
- icdev/data/context/compliance/impact_level_profiles.json +251 -0
- icdev/data/context/compliance/incident_response_template.md +1110 -0
- icdev/data/context/compliance/iso27001_2022_controls.json +750 -0
- icdev/data/context/compliance/iso27001_nist_bridge.json +382 -0
- icdev/data/context/compliance/iso42001_controls.json +254 -0
- icdev/data/context/compliance/ivv_checklist_template.md +80 -0
- icdev/data/context/compliance/ivv_report_template.md +116 -0
- icdev/data/context/compliance/ivv_requirements.json +372 -0
- icdev/data/context/compliance/mosa_crosswalk.json +327 -0
- icdev/data/context/compliance/mosa_framework.json +250 -0
- icdev/data/context/compliance/narrative_templates/AC.md.j2 +101 -0
- icdev/data/context/compliance/narrative_templates/AU.md.j2 +106 -0
- icdev/data/context/compliance/narrative_templates/IA.md.j2 +104 -0
- icdev/data/context/compliance/narrative_templates/SC.md.j2 +102 -0
- icdev/data/context/compliance/narrative_templates/SI.md.j2 +111 -0
- icdev/data/context/compliance/narrative_templates/__init__.py +1 -0
- icdev/data/context/compliance/narrative_templates/default.md.j2 +50 -0
- icdev/data/context/compliance/narrative_templates/executive_summary.j2 +27 -0
- icdev/data/context/compliance/narrative_templates/poam_milestone.j2 +19 -0
- icdev/data/context/compliance/narrative_templates/ssp_section.j2 +11 -0
- icdev/data/context/compliance/nist_800_171_controls.json +1552 -0
- icdev/data/context/compliance/nist_800_207_crosswalk.json +399 -0
- icdev/data/context/compliance/nist_800_207_zta.json +258 -0
- icdev/data/context/compliance/nist_800_53.json +324 -0
- icdev/data/context/compliance/nist_ai_600_1_genai.json +326 -0
- icdev/data/context/compliance/nist_ai_rmf.json +206 -0
- icdev/data/context/compliance/nist_sp_800_60_types.json +1667 -0
- icdev/data/context/compliance/omb_m25_21_high_impact_ai.json +248 -0
- icdev/data/context/compliance/omb_m26_04_unbiased_ai.json +262 -0
- icdev/data/context/compliance/owasp_agentic_asi.json +133 -0
- icdev/data/context/compliance/owasp_agentic_threats.json +285 -0
- icdev/data/context/compliance/owasp_llm_top10.json +274 -0
- icdev/data/context/compliance/pci_dss_v4.json +510 -0
- icdev/data/context/compliance/poam_template.md +117 -0
- icdev/data/context/compliance/safeai_controls.json +512 -0
- icdev/data/context/compliance/sbd_report_template.md +77 -0
- icdev/data/context/compliance/siem_config_templates/__init__.py +1 -0
- icdev/data/context/compliance/siem_config_templates/filebeat.yml +213 -0
- icdev/data/context/compliance/siem_config_templates/log_sources.json +208 -0
- icdev/data/context/compliance/soc2_trust_criteria.json +661 -0
- icdev/data/context/compliance/ssp_template.md +432 -0
- icdev/data/context/compliance/stig_templates/__init__.py +1 -0
- icdev/data/context/compliance/stig_templates/webapp_stig.json +139 -0
- icdev/data/context/compliance/xai_requirements.json +108 -0
- icdev/data/context/dashboard/__init__.py +1 -0
- icdev/data/context/dashboard/nlq_examples.json +50 -0
- icdev/data/context/dashboard/schema_descriptions.json +23 -0
- icdev/data/context/integration/__init__.py +1 -0
- icdev/data/context/integration/approval_workflows.json +32 -0
- icdev/data/context/integration/gitlab_field_mappings.json +33 -0
- icdev/data/context/integration/jira_field_mappings.json +32 -0
- icdev/data/context/integration/reqif_export_schema.json +23 -0
- icdev/data/context/integration/servicenow_field_mappings.json +22 -0
- icdev/data/context/languages/__init__.py +1 -0
- icdev/data/context/languages/framework_patterns.json +205 -0
- icdev/data/context/languages/language_registry.json +279 -0
- icdev/data/context/llm/__init__.py +1 -0
- icdev/data/context/llm/example_provider.py +86 -0
- icdev/data/context/mbse/__init__.py +1 -0
- icdev/data/context/mbse/des_report_template.md +162 -0
- icdev/data/context/mbse/des_requirements.json +411 -0
- icdev/data/context/mbse/digital_thread_patterns.json +403 -0
- icdev/data/context/mbse/reqif_schema.json +280 -0
- icdev/data/context/mbse/sysml_element_types.json +432 -0
- icdev/data/context/modernization/__init__.py +1 -0
- icdev/data/context/modernization/db_type_mappings.json +148 -0
- icdev/data/context/modernization/decomposition_patterns.json +284 -0
- icdev/data/context/modernization/framework_migration_patterns.json +359 -0
- icdev/data/context/modernization/migration_report_template.md +168 -0
- icdev/data/context/modernization/seven_rs_catalog.json +369 -0
- icdev/data/context/modernization/version_upgrade_rules.json +279 -0
- icdev/data/context/oscal/NIST_SP-800-53_rev5_catalog.json +254987 -0
- icdev/data/context/oscal/README.md +43 -0
- icdev/data/context/patterns/__init__.py +1 -0
- icdev/data/context/profiles/__init__.py +1 -0
- icdev/data/context/profiles/dod_baseline_v1.yaml +145 -0
- icdev/data/context/profiles/fedramp_baseline_v1.yaml +143 -0
- icdev/data/context/profiles/financial_baseline_v1.yaml +142 -0
- icdev/data/context/profiles/healthcare_baseline_v1.yaml +135 -0
- icdev/data/context/profiles/law_enforcement_v1.yaml +129 -0
- icdev/data/context/profiles/startup_v1.yaml +134 -0
- icdev/data/context/requirements/__init__.py +1 -0
- icdev/data/context/requirements/ambiguity_patterns.json +97 -0
- icdev/data/context/requirements/boundary_impact_rules.json +123 -0
- icdev/data/context/requirements/default_constitutions.json +67 -0
- icdev/data/context/requirements/document_extraction_rules.json +58 -0
- icdev/data/context/requirements/gap_patterns.json +108 -0
- icdev/data/context/requirements/readiness_rubric.json +78 -0
- icdev/data/context/requirements/red_alternative_patterns.json +210 -0
- icdev/data/context/requirements/safe_templates.json +72 -0
- icdev/data/context/requirements/spec_quality_checklist.json +122 -0
- icdev/data/context/simulation/__init__.py +1 -0
- icdev/data/context/simulation/architecture_patterns.json +36 -0
- icdev/data/context/simulation/coa_templates.json +38 -0
- icdev/data/context/simulation/cost_models.json +23 -0
- icdev/data/context/simulation/risk_categories.json +46 -0
- icdev/data/context/supply_chain/__init__.py +1 -0
- icdev/data/context/supply_chain/isa_templates.json +129 -0
- icdev/data/context/supply_chain/nist_800_161_controls.json +247 -0
- icdev/data/context/supply_chain/scrm_risk_matrix.json +147 -0
- icdev/data/context/templates/__init__.py +1 -0
- icdev/data/context/templates/ansible/__init__.py +1 -0
- icdev/data/context/templates/ansible/playbooks/__init__.py +1 -0
- icdev/data/context/templates/ansible/roles/__init__.py +1 -0
- icdev/data/context/templates/gitlab_ci/__init__.py +1 -0
- icdev/data/context/templates/grafana/__init__.py +1 -0
- icdev/data/context/templates/kubernetes/__init__.py +1 -0
- icdev/data/context/templates/project/__init__.py +1 -0
- icdev/data/context/templates/project/api/__init__.py +1 -0
- icdev/data/context/templates/project/cli/__init__.py +1 -0
- icdev/data/context/templates/project/data_pipeline/__init__.py +1 -0
- icdev/data/context/templates/project/iac/__init__.py +1 -0
- icdev/data/context/templates/project/javascript_frontend/__init__.py +1 -0
- icdev/data/context/templates/project/javascript_frontend/src/__init__.py +1 -0
- icdev/data/context/templates/project/javascript_frontend/tests/__init__.py +1 -0
- icdev/data/context/templates/project/microservice/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/src/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/tests/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/tests/features/__init__.py +1 -0
- icdev/data/context/templates/project/python_backend/tests/steps/__init__.py +1 -0
- icdev/data/context/templates/terraform/__init__.py +1 -0
- icdev/data/context/templates/terraform/govcloud_base/__init__.py +1 -0
- icdev/data/context/templates/terraform/modules/__init__.py +1 -0
- icdev/data/context/tone/__init__.py +1 -0
- icdev/data/context/translation/dependency_mappings.json +186 -0
- icdev/data/context/translation/type_mappings.json +149 -0
- icdev/data/docs/README.md +187 -0
- icdev/data/docs/__init__.py +1 -0
- icdev/data/docs/admin/gateway-guide.md +338 -0
- icdev/data/docs/admin/marketplace-guide.md +396 -0
- icdev/data/docs/admin/monitoring-guide.md +509 -0
- icdev/data/docs/architecture/compliance-framework.md +764 -0
- icdev/data/docs/architecture/database-schema.md +689 -0
- icdev/data/docs/architecture/gotcha-framework.md +518 -0
- icdev/data/docs/architecture/multi-agent-system.md +603 -0
- icdev/data/docs/dx/README.md +106 -0
- icdev/data/docs/dx/__init__.py +1 -0
- icdev/data/docs/dx/ci-cd-integration.md +378 -0
- icdev/data/docs/dx/claude-code-guide.md +213 -0
- icdev/data/docs/dx/companion-guide.md +232 -0
- icdev/data/docs/dx/dev-profiles.md +309 -0
- icdev/data/docs/dx/icdev-yaml-spec.md +219 -0
- icdev/data/docs/dx/integration-tiers.md +279 -0
- icdev/data/docs/dx/llm-routing-guide.md +456 -0
- icdev/data/docs/dx/quickstart.md +192 -0
- icdev/data/docs/dx/sdk-reference.md +356 -0
- icdev/data/docs/dx/unified-mcp-setup.md +525 -0
- icdev/data/docs/features/__init__.py +1 -0
- icdev/data/docs/features/phase-01-gotcha-framework.md +249 -0
- icdev/data/docs/features/phase-02-atlas-build-workflow.md +223 -0
- icdev/data/docs/features/phase-03-tdd-bdd-testing.md +261 -0
- icdev/data/docs/features/phase-04-nist-compliance.md +255 -0
- icdev/data/docs/features/phase-05-security-scanning.md +229 -0
- icdev/data/docs/features/phase-06-infrastructure-deployment.md +288 -0
- icdev/data/docs/features/phase-07-code-review-gates.md +276 -0
- icdev/data/docs/features/phase-08-self-healing.md +223 -0
- icdev/data/docs/features/phase-09-monitoring-observability.md +230 -0
- icdev/data/docs/features/phase-10-dashboard-web-ui.md +218 -0
- icdev/data/docs/features/phase-11-multi-agent-architecture.md +272 -0
- icdev/data/docs/features/phase-12-integration-testing.md +228 -0
- icdev/data/docs/features/phase-13-cicd-integration.md +257 -0
- icdev/data/docs/features/phase-14-secure-by-design-ivv.md +240 -0
- icdev/data/docs/features/phase-15-maintenance-audit.md +192 -0
- icdev/data/docs/features/phase-16-ato-acceleration.md +228 -0
- icdev/data/docs/features/phase-17-multi-framework-compliance.md +223 -0
- icdev/data/docs/features/phase-18-mbse-integration.md +242 -0
- icdev/data/docs/features/phase-19-agentic-generation.md +202 -0
- icdev/data/docs/features/phase-20-fips-security-categorization.md +198 -0
- icdev/data/docs/features/phase-21-saas-multi-tenancy.md +273 -0
- icdev/data/docs/features/phase-22-federated-gotcha-marketplace.md +242 -0
- icdev/data/docs/features/phase-23-universal-compliance-platform.md +238 -0
- icdev/data/docs/features/phase-24-devsecops-pipeline-security.md +198 -0
- icdev/data/docs/features/phase-25-zero-trust-architecture.md +220 -0
- icdev/data/docs/features/phase-26-dod-mosa.md +205 -0
- icdev/data/docs/features/phase-27-cli-capabilities.md +222 -0
- icdev/data/docs/features/phase-28-remote-command-gateway.md +235 -0
- icdev/data/docs/features/phase-29-proactive-monitoring.md +212 -0
- icdev/data/docs/features/phase-30-dashboard-auth.md +215 -0
- icdev/data/docs/features/phase-31-dashboard-ux-low-impact.md +188 -0
- icdev/data/docs/features/phase-32-dashboard-ux-medium-impact.md +223 -0
- icdev/data/docs/features/phase-33-modular-installation.md +218 -0
- icdev/data/docs/features/phase-34-dev-profiles.md +239 -0
- icdev/data/docs/features/phase-35-innovation-engine.md +257 -0
- icdev/data/docs/features/phase-36-evolutionary-intelligence.md +351 -0
- icdev/data/docs/features/phase-37-mitre-atlas-integration.md +485 -0
- icdev/data/docs/features/phase-38-cloud-agnostic-architecture.md +1033 -0
- icdev/data/docs/features/phase-39-observability-operations.md +178 -0
- icdev/data/docs/features/phase-40-nlq-compliance-queries.md +176 -0
- icdev/data/docs/features/phase-41-parallel-cicd.md +169 -0
- icdev/data/docs/features/phase-42-framework-planning.md +177 -0
- icdev/data/docs/features/phase-43-cross-language-translation.md +225 -0
- icdev/data/docs/features/phase-44-innovation-adaptation.md +227 -0
- icdev/data/docs/features/phase-45-owasp-agentic-security.md +239 -0
- icdev/data/docs/features/phase-46-observability-traceability-xai.md +240 -0
- icdev/data/docs/features/phase-47-unified-mcp-gateway.md +257 -0
- icdev/data/docs/features/phase-48-ai-transparency.md +203 -0
- icdev/data/docs/features/phase-49-ai-accountability.md +243 -0
- icdev/data/docs/features/phase-50-ai-governance-intake-chat.md +195 -0
- icdev/data/docs/features/phase-51-unified-chat-dashboard.md +240 -0
- icdev/data/docs/features/phase-52-code-intelligence.md +244 -0
- icdev/data/docs/features/phase-53-fedramp-20x-owasp-asi.md +359 -0
- icdev/data/docs/features/phase-54-slsa-swft-orchestration.md +379 -0
- icdev/data/docs/features/phase-55-a2a-v03-mcp-oauth.md +322 -0
- icdev/data/docs/features/phase-56-evidence-lineage.md +352 -0
- icdev/data/docs/features/phase-57-eu-ai-act-iron-bank.md +319 -0
- icdev/data/docs/features/phase-58-creative-engine.md +370 -0
- icdev/data/docs/features/phase-59-govcon-intelligence.md +535 -0
- icdev/data/docs/features/phase-60-cpmp.md +528 -0
- icdev/data/docs/features/phase-61-orchestration-improvements.md +534 -0
- icdev/data/docs/operations/dashboard-guide.md +354 -0
- icdev/data/docs/operations/deployment-guide.md +556 -0
- icdev/data/docs/operations/saas-admin-guide.md +439 -0
- icdev/data/docs/operations/security-operations-guide.md +733 -0
- icdev/data/docs/runbooks/backup-restore.md +412 -0
- icdev/data/docs/runbooks/troubleshooting.md +499 -0
- icdev/data/features/__init__.py +1 -0
- icdev/data/features/cicd_integration.feature +41 -0
- icdev/data/features/compliance_gates.feature +46 -0
- icdev/data/features/dashboard.feature +72 -0
- icdev/data/features/environment.py +25 -0
- icdev/data/features/project_management.feature +32 -0
- icdev/data/features/requirements_intake.feature +42 -0
- icdev/data/features/saas_platform.feature +53 -0
- icdev/data/features/security_scanning.feature +36 -0
- icdev/data/features/steps/__init__.py +1 -0
- icdev/data/features/steps/cicd_steps.py +465 -0
- icdev/data/features/steps/compliance_steps.py +308 -0
- icdev/data/features/steps/dashboard_steps.py +88 -0
- icdev/data/features/steps/project_steps.py +126 -0
- icdev/data/features/steps/requirements_intake_steps.py +689 -0
- icdev/data/features/steps/saas_platform_steps.py +572 -0
- icdev/data/features/steps/security_steps.py +236 -0
- icdev/data/features/steps/testing_steps.py +226 -0
- icdev/data/features/testing_pipeline.feature +42 -0
- icdev/data/goals/__init__.py +1 -0
- icdev/data/goals/agent_management.md +144 -0
- icdev/data/goals/agentic_generation.md +345 -0
- icdev/data/goals/agentic_threat_model.md +309 -0
- icdev/data/goals/ai_accountability.md +90 -0
- icdev/data/goals/ai_governance_intake.md +132 -0
- icdev/data/goals/ai_transparency.md +76 -0
- icdev/data/goals/atlas_integration.md +405 -0
- icdev/data/goals/ato_acceleration.md +139 -0
- icdev/data/goals/boundary_supply_chain.md +206 -0
- icdev/data/goals/build_app.md +544 -0
- icdev/data/goals/cicd_integration.md +86 -0
- icdev/data/goals/claude_dir_maintenance.md +77 -0
- icdev/data/goals/cli_capabilities.md +340 -0
- icdev/data/goals/cloud_agnostic.md +312 -0
- icdev/data/goals/code_intelligence.md +197 -0
- icdev/data/goals/code_review.md +94 -0
- icdev/data/goals/compliance_workflow.md +858 -0
- icdev/data/goals/continuous_harmonization.md +140 -0
- icdev/data/goals/cross_language_translation.md +171 -0
- icdev/data/goals/dashboard.md +142 -0
- icdev/data/goals/deploy_workflow.md +390 -0
- icdev/data/goals/devsecops_workflow.md +408 -0
- icdev/data/goals/evolutionary_intelligence.md +305 -0
- icdev/data/goals/external_integration.md +113 -0
- icdev/data/goals/framework_planning.md +63 -0
- icdev/data/goals/init_project.md +235 -0
- icdev/data/goals/innovation_engine.md +199 -0
- icdev/data/goals/integration_testing.md +189 -0
- icdev/data/goals/maintenance_audit.md +196 -0
- icdev/data/goals/manifest.md +56 -0
- icdev/data/goals/mbse_integration.md +504 -0
- icdev/data/goals/modernization_workflow.md +618 -0
- icdev/data/goals/monitoring.md +126 -0
- icdev/data/goals/mosa_workflow.md +463 -0
- icdev/data/goals/multi_agent_orchestration.md +68 -0
- icdev/data/goals/nlq_compliance.md +63 -0
- icdev/data/goals/observability.md +64 -0
- icdev/data/goals/observability_traceability_xai.md +154 -0
- icdev/data/goals/owasp_agentic_security.md +395 -0
- icdev/data/goals/parallel_cicd.md +61 -0
- icdev/data/goals/requirements_intake.md +213 -0
- icdev/data/goals/sbd_ivv_workflow.md +195 -0
- icdev/data/goals/security_categorization.md +133 -0
- icdev/data/goals/security_scan.md +381 -0
- icdev/data/goals/self_healing.md +120 -0
- icdev/data/goals/simulation_engine.md +111 -0
- icdev/data/goals/tdd_workflow.md +403 -0
- icdev/data/goals/zero_trust_architecture.md +403 -0
- icdev/data/hardprompts/__init__.py +1 -0
- icdev/data/hardprompts/agent/__init__.py +1 -0
- icdev/data/hardprompts/agent/agentic_architect.md +100 -0
- icdev/data/hardprompts/agent/debate_prompt.md +32 -0
- icdev/data/hardprompts/agent/fitness_evaluation.md +48 -0
- icdev/data/hardprompts/agent/governance_review.md +214 -0
- icdev/data/hardprompts/agent/reviewer_prompt.md +34 -0
- icdev/data/hardprompts/agent/skill_design.md +172 -0
- icdev/data/hardprompts/agent/task_decomposition.md +275 -0
- icdev/data/hardprompts/agent/veto_check_prompt.md +33 -0
- icdev/data/hardprompts/architect/__init__.py +1 -0
- icdev/data/hardprompts/architect/api_design.md +283 -0
- icdev/data/hardprompts/architect/data_model.md +277 -0
- icdev/data/hardprompts/architect/system_design.md +180 -0
- icdev/data/hardprompts/builder/__init__.py +1 -0
- icdev/data/hardprompts/builder/code_generation.md +59 -0
- icdev/data/hardprompts/builder/refactor.md +58 -0
- icdev/data/hardprompts/builder/scaffold_project.md +69 -0
- icdev/data/hardprompts/builder/test_generation.md +87 -0
- icdev/data/hardprompts/ci/__init__.py +1 -0
- icdev/data/hardprompts/ci/worktree_setup.md +35 -0
- icdev/data/hardprompts/compliance/__init__.py +1 -0
- icdev/data/hardprompts/compliance/cmmc_assessment.md +63 -0
- icdev/data/hardprompts/compliance/cssp_assessment.md +75 -0
- icdev/data/hardprompts/compliance/cui_marking.md +86 -0
- icdev/data/hardprompts/compliance/fedramp_assessment.md +55 -0
- icdev/data/hardprompts/compliance/ivv_assessment.md +96 -0
- icdev/data/hardprompts/compliance/poam_generation.md +57 -0
- icdev/data/hardprompts/compliance/sbd_assessment.md +101 -0
- icdev/data/hardprompts/compliance/security_categorization.md +74 -0
- icdev/data/hardprompts/compliance/ssp_generation.md +56 -0
- icdev/data/hardprompts/compliance/stig_evaluation.md +63 -0
- icdev/data/hardprompts/dashboard/__init__.py +1 -0
- icdev/data/hardprompts/dashboard/nlq_system_prompt.md +26 -0
- icdev/data/hardprompts/infra/__init__.py +1 -0
- icdev/data/hardprompts/infra/k8s_manifests.md +118 -0
- icdev/data/hardprompts/infra/pipeline_generation.md +160 -0
- icdev/data/hardprompts/infra/terraform_generation.md +92 -0
- icdev/data/hardprompts/integration/__init__.py +1 -0
- icdev/data/hardprompts/integration/approval_review.md +17 -0
- icdev/data/hardprompts/integration/jira_mapping.md +25 -0
- icdev/data/hardprompts/integration/servicenow_mapping.md +14 -0
- icdev/data/hardprompts/knowledge/__init__.py +1 -0
- icdev/data/hardprompts/knowledge/pattern_detection.md +73 -0
- icdev/data/hardprompts/knowledge/recommendation_engine.md +90 -0
- icdev/data/hardprompts/knowledge/root_cause_analysis.md +91 -0
- icdev/data/hardprompts/maintenance/__init__.py +1 -0
- icdev/data/hardprompts/maintenance/maintenance_assessment.md +82 -0
- icdev/data/hardprompts/mbse/__init__.py +1 -0
- icdev/data/hardprompts/mbse/digital_thread.md +67 -0
- icdev/data/hardprompts/mbse/model_import.md +62 -0
- icdev/data/hardprompts/mbse/model_to_code.md +65 -0
- icdev/data/hardprompts/modernization/__init__.py +1 -0
- icdev/data/hardprompts/modernization/legacy_analysis.md +93 -0
- icdev/data/hardprompts/modernization/migration_planning.md +150 -0
- icdev/data/hardprompts/modernization/seven_r_assessment.md +107 -0
- icdev/data/hardprompts/requirements/__init__.py +1 -0
- icdev/data/hardprompts/requirements/bdd_generation.md +35 -0
- icdev/data/hardprompts/requirements/clarification_prioritization.md +29 -0
- icdev/data/hardprompts/requirements/decomposition.md +60 -0
- icdev/data/hardprompts/requirements/document_extraction.md +45 -0
- icdev/data/hardprompts/requirements/gap_detection.md +70 -0
- icdev/data/hardprompts/requirements/intake_conversation.md +101 -0
- icdev/data/hardprompts/requirements/readiness_assessment.md +39 -0
- icdev/data/hardprompts/requirements/spec_quality.md +33 -0
- icdev/data/hardprompts/requirements/traceability_analysis.md +23 -0
- icdev/data/hardprompts/security/__init__.py +1 -0
- icdev/data/hardprompts/security/endpoint_security.md +78 -0
- icdev/data/hardprompts/security/threat_model.md +70 -0
- icdev/data/hardprompts/security/vulnerability_assessment.md +81 -0
- icdev/data/hardprompts/simulation/__init__.py +1 -0
- icdev/data/hardprompts/simulation/architecture_impact.md +27 -0
- icdev/data/hardprompts/simulation/coa_alternative.md +27 -0
- icdev/data/hardprompts/simulation/coa_generation.md +25 -0
- icdev/data/hardprompts/simulation/compliance_impact.md +28 -0
- icdev/data/hardprompts/simulation/cost_estimation.md +33 -0
- icdev/data/hardprompts/simulation/risk_assessment.md +28 -0
- icdev/data/hardprompts/translation/code_translation.md +68 -0
- icdev/data/hardprompts/translation/dependency_suggestion.md +44 -0
- icdev/data/hardprompts/translation/test_translation.md +64 -0
- icdev/data/hardprompts/translation/translation_repair.md +59 -0
- icdev/py.typed +0 -0
- icdev/tools/__init__.py +1 -0
- icdev/tools/_gen_formatter.py +12 -0
- icdev/tools/a2a/__init__.py +1 -0
- icdev/tools/a2a/agent_cards/architect.json +43 -0
- icdev/tools/a2a/agent_cards/builder.json +50 -0
- icdev/tools/a2a/agent_cards/compliance.json +57 -0
- icdev/tools/a2a/agent_cards/devsecops.json +71 -0
- icdev/tools/a2a/agent_cards/infra.json +57 -0
- icdev/tools/a2a/agent_cards/integration.json +57 -0
- icdev/tools/a2a/agent_cards/knowledge.json +43 -0
- icdev/tools/a2a/agent_cards/mbse.json +57 -0
- icdev/tools/a2a/agent_cards/modernization.json +50 -0
- icdev/tools/a2a/agent_cards/monitor.json +43 -0
- icdev/tools/a2a/agent_cards/orchestrator.json +36 -0
- icdev/tools/a2a/agent_cards/requirements_analyst.json +64 -0
- icdev/tools/a2a/agent_cards/security.json +50 -0
- icdev/tools/a2a/agent_cards/simulation.json +57 -0
- icdev/tools/a2a/agent_cards/supply_chain.json +50 -0
- icdev/tools/a2a/agent_client.py +349 -0
- icdev/tools/a2a/agent_registry.py +412 -0
- icdev/tools/a2a/agent_server.py +579 -0
- icdev/tools/a2a/task.py +200 -0
- icdev/tools/agent/__init__.py +2 -0
- icdev/tools/agent/a2a_agent_card_generator.py +285 -0
- icdev/tools/agent/a2a_discovery_server.py +250 -0
- icdev/tools/agent/agent_executor.py +529 -0
- icdev/tools/agent/agent_memory.py +557 -0
- icdev/tools/agent/agent_models.py +51 -0
- icdev/tools/agent/atlas_critique.py +908 -0
- icdev/tools/agent/authority.py +443 -0
- icdev/tools/agent/bedrock_client.py +1075 -0
- icdev/tools/agent/collaboration.py +871 -0
- icdev/tools/agent/dispatcher_mode.py +665 -0
- icdev/tools/agent/mailbox.py +575 -0
- icdev/tools/agent/prompt_chain_executor.py +1064 -0
- icdev/tools/agent/session_purpose.py +350 -0
- icdev/tools/agent/skill_router.py +638 -0
- icdev/tools/agent/skill_selector.py +486 -0
- icdev/tools/agent/team_orchestrator.py +1108 -0
- icdev/tools/agent/token_tracker.py +290 -0
- icdev/tools/analysis/__init__.py +1 -0
- icdev/tools/analysis/code_analyzer.py +780 -0
- icdev/tools/analysis/runtime_feedback.py +389 -0
- icdev/tools/audit/__init__.py +1 -0
- icdev/tools/audit/audit_logger.py +196 -0
- icdev/tools/audit/audit_query.py +157 -0
- icdev/tools/audit/decision_recorder.py +72 -0
- icdev/tools/builder/__init__.py +1 -0
- icdev/tools/builder/agentic_fitness.py +534 -0
- icdev/tools/builder/agentic_test_templates/test_a2a_callback.py +117 -0
- icdev/tools/builder/agentic_test_templates/test_a2a_lifecycle.feature +52 -0
- icdev/tools/builder/agentic_test_templates/test_agent_card.feature +37 -0
- icdev/tools/builder/agentic_test_templates/test_agent_health.py +128 -0
- icdev/tools/builder/agentic_test_templates/test_memory_system.feature +50 -0
- icdev/tools/builder/agentic_test_templates/test_skill_execution.feature +40 -0
- icdev/tools/builder/app_blueprint.py +1583 -0
- icdev/tools/builder/child_app_generator.py +2852 -0
- icdev/tools/builder/claude_md_generator.py +1734 -0
- icdev/tools/builder/code_generator.py +3703 -0
- icdev/tools/builder/db_init_generator.py +1709 -0
- icdev/tools/builder/dev_profile_manager.py +954 -0
- icdev/tools/builder/formatter.py +768 -0
- icdev/tools/builder/goal_adapter.py +592 -0
- icdev/tools/builder/gotcha_validator.py +812 -0
- icdev/tools/builder/language_support.py +441 -0
- icdev/tools/builder/linter.py +976 -0
- icdev/tools/builder/profile_detector.py +657 -0
- icdev/tools/builder/profile_md_generator.py +723 -0
- icdev/tools/builder/scaffolder.py +1590 -0
- icdev/tools/builder/scaffolder_extended.py +1771 -0
- icdev/tools/builder/test_writer.py +950 -0
- icdev/tools/ci/__init__.py +2 -0
- icdev/tools/ci/connectors/__init__.py +2 -0
- icdev/tools/ci/connectors/base_connector.py +80 -0
- icdev/tools/ci/connectors/connector_registry.py +188 -0
- icdev/tools/ci/connectors/mattermost_connector.py +159 -0
- icdev/tools/ci/connectors/slack_connector.py +197 -0
- icdev/tools/ci/core/__init__.py +2 -0
- icdev/tools/ci/core/air_gap_detector.py +115 -0
- icdev/tools/ci/core/comment_handler.py +192 -0
- icdev/tools/ci/core/conversation_manager.py +479 -0
- icdev/tools/ci/core/event_envelope.py +500 -0
- icdev/tools/ci/core/event_router.py +443 -0
- icdev/tools/ci/core/failure_parser.py +397 -0
- icdev/tools/ci/core/recovery_engine.py +527 -0
- icdev/tools/ci/modules/__init__.py +2 -0
- icdev/tools/ci/modules/agent.py +271 -0
- icdev/tools/ci/modules/git_ops.py +175 -0
- icdev/tools/ci/modules/state.py +117 -0
- icdev/tools/ci/modules/vcs.py +303 -0
- icdev/tools/ci/modules/workflow_ops.py +295 -0
- icdev/tools/ci/modules/worktree.py +340 -0
- icdev/tools/ci/pipeline_config_generator.py +558 -0
- icdev/tools/ci/triggers/__init__.py +2 -0
- icdev/tools/ci/triggers/gitlab_task_monitor.py +330 -0
- icdev/tools/ci/triggers/poll_trigger.py +237 -0
- icdev/tools/ci/triggers/webhook_server.py +356 -0
- icdev/tools/ci/workflows/__init__.py +2 -0
- icdev/tools/ci/workflows/icdev_build.py +140 -0
- icdev/tools/ci/workflows/icdev_comply.py +284 -0
- icdev/tools/ci/workflows/icdev_document.py +152 -0
- icdev/tools/ci/workflows/icdev_e2e.py +188 -0
- icdev/tools/ci/workflows/icdev_patch.py +186 -0
- icdev/tools/ci/workflows/icdev_plan.py +202 -0
- icdev/tools/ci/workflows/icdev_plan_build.py +41 -0
- icdev/tools/ci/workflows/icdev_plan_build_test.py +46 -0
- icdev/tools/ci/workflows/icdev_plan_build_test_review.py +47 -0
- icdev/tools/ci/workflows/icdev_review.py +126 -0
- icdev/tools/ci/workflows/icdev_sdlc.py +261 -0
- icdev/tools/ci/workflows/icdev_test.py +240 -0
- icdev/tools/cli/__init__.py +1 -0
- icdev/tools/cli/output_formatter.py +756 -0
- icdev/tools/cli_formatter.py +42 -0
- icdev/tools/cloud/__init__.py +11 -0
- icdev/tools/cloud/cloud_mode_manager.py +364 -0
- icdev/tools/cloud/csp_changelog.py +383 -0
- icdev/tools/cloud/csp_health_checker.py +268 -0
- icdev/tools/cloud/csp_monitor.py +951 -0
- icdev/tools/cloud/iam_provider.py +593 -0
- icdev/tools/cloud/kms_provider.py +346 -0
- icdev/tools/cloud/monitoring_provider.py +628 -0
- icdev/tools/cloud/provider_factory.py +376 -0
- icdev/tools/cloud/region_validator.py +345 -0
- icdev/tools/cloud/registry_provider.py +563 -0
- icdev/tools/cloud/secrets_provider.py +486 -0
- icdev/tools/cloud/storage_provider.py +446 -0
- icdev/tools/compat/__init__.py +21 -0
- icdev/tools/compat/cli_harmonizer.py +251 -0
- icdev/tools/compat/datetime_utils.py +18 -0
- icdev/tools/compat/db_utils.py +160 -0
- icdev/tools/compat/platform_utils.py +123 -0
- icdev/tools/compliance/__init__.py +1 -0
- icdev/tools/compliance/accountability_manager.py +397 -0
- icdev/tools/compliance/ai_accountability_audit.py +294 -0
- icdev/tools/compliance/ai_impact_assessor.py +273 -0
- icdev/tools/compliance/ai_incident_response.py +301 -0
- icdev/tools/compliance/ai_inventory_manager.py +239 -0
- icdev/tools/compliance/ai_reassessment_scheduler.py +256 -0
- icdev/tools/compliance/ai_transparency_audit.py +248 -0
- icdev/tools/compliance/atlas_assessor.py +278 -0
- icdev/tools/compliance/atlas_report_generator.py +1211 -0
- icdev/tools/compliance/base_assessor.py +597 -0
- icdev/tools/compliance/cato_monitor.py +1385 -0
- icdev/tools/compliance/cato_scheduler.py +699 -0
- icdev/tools/compliance/cjis_assessor.py +76 -0
- icdev/tools/compliance/classification_manager.py +1353 -0
- icdev/tools/compliance/cmmc_assessor.py +1491 -0
- icdev/tools/compliance/cmmc_report_generator.py +1100 -0
- icdev/tools/compliance/compliance_detector.py +463 -0
- icdev/tools/compliance/compliance_exporter.py +427 -0
- icdev/tools/compliance/compliance_status.py +825 -0
- icdev/tools/compliance/control_mapper.py +505 -0
- icdev/tools/compliance/crosswalk_engine.py +1203 -0
- icdev/tools/compliance/cssp_assessor.py +1045 -0
- icdev/tools/compliance/cssp_evidence_collector.py +729 -0
- icdev/tools/compliance/cssp_report_generator.py +1116 -0
- icdev/tools/compliance/cui_marker.py +388 -0
- icdev/tools/compliance/diagram_validator.py +600 -0
- icdev/tools/compliance/emass/__init__.py +2 -0
- icdev/tools/compliance/emass/emass_client.py +840 -0
- icdev/tools/compliance/emass/emass_export.py +777 -0
- icdev/tools/compliance/emass/emass_sync.py +826 -0
- icdev/tools/compliance/eu_ai_act_classifier.py +194 -0
- icdev/tools/compliance/evidence_collector.py +468 -0
- icdev/tools/compliance/fairness_assessor.py +316 -0
- icdev/tools/compliance/fedramp_assessor.py +1808 -0
- icdev/tools/compliance/fedramp_authorization_packager.py +137 -0
- icdev/tools/compliance/fedramp_ksi_generator.py +355 -0
- icdev/tools/compliance/fedramp_report_generator.py +1128 -0
- icdev/tools/compliance/fips199_categorizer.py +881 -0
- icdev/tools/compliance/fips200_validator.py +315 -0
- icdev/tools/compliance/gao_ai_assessor.py +231 -0
- icdev/tools/compliance/gao_evidence_builder.py +308 -0
- icdev/tools/compliance/hipaa_assessor.py +78 -0
- icdev/tools/compliance/hitrust_assessor.py +49 -0
- icdev/tools/compliance/incident_response_plan.py +718 -0
- icdev/tools/compliance/iso27001_assessor.py +92 -0
- icdev/tools/compliance/iso42001_assessor.py +114 -0
- icdev/tools/compliance/ivv_assessor.py +2327 -0
- icdev/tools/compliance/ivv_report_generator.py +1662 -0
- icdev/tools/compliance/model_card_generator.py +297 -0
- icdev/tools/compliance/mosa_assessor.py +117 -0
- icdev/tools/compliance/multi_regime_assessor.py +451 -0
- icdev/tools/compliance/narrative_generator.py +1013 -0
- icdev/tools/compliance/nist_800_207_assessor.py +191 -0
- icdev/tools/compliance/nist_ai_600_1_assessor.py +188 -0
- icdev/tools/compliance/nist_ai_rmf_assessor.py +110 -0
- icdev/tools/compliance/nist_lookup.py +245 -0
- icdev/tools/compliance/omb_m25_21_assessor.py +228 -0
- icdev/tools/compliance/omb_m26_04_assessor.py +188 -0
- icdev/tools/compliance/oscal_catalog_adapter.py +395 -0
- icdev/tools/compliance/oscal_generator.py +2170 -0
- icdev/tools/compliance/oscal_tools.py +1182 -0
- icdev/tools/compliance/owasp_agentic_assessor.py +226 -0
- icdev/tools/compliance/owasp_asi_assessor.py +200 -0
- icdev/tools/compliance/owasp_llm_assessor.py +244 -0
- icdev/tools/compliance/pci_dss_assessor.py +80 -0
- icdev/tools/compliance/pi_compliance_tracker.py +1461 -0
- icdev/tools/compliance/poam_generator.py +405 -0
- icdev/tools/compliance/resolve_marking.py +283 -0
- icdev/tools/compliance/sbd_assessor.py +2068 -0
- icdev/tools/compliance/sbd_report_generator.py +1236 -0
- icdev/tools/compliance/sbom_generator.py +1008 -0
- icdev/tools/compliance/siem_config_generator.py +674 -0
- icdev/tools/compliance/slsa_attestation_generator.py +490 -0
- icdev/tools/compliance/soc2_assessor.py +77 -0
- icdev/tools/compliance/ssp_generator.py +573 -0
- icdev/tools/compliance/stig_checker.py +727 -0
- icdev/tools/compliance/swft_evidence_bundler.py +337 -0
- icdev/tools/compliance/system_card_generator.py +309 -0
- icdev/tools/compliance/traceability_matrix.py +1281 -0
- icdev/tools/compliance/universal_classification_manager.py +1172 -0
- icdev/tools/compliance/xacta/__init__.py +2 -0
- icdev/tools/compliance/xacta/xacta_client.py +449 -0
- icdev/tools/compliance/xacta/xacta_export.py +557 -0
- icdev/tools/compliance/xacta/xacta_sync.py +333 -0
- icdev/tools/compliance/xai_assessor.py +231 -0
- icdev/tools/dashboard/__init__.py +1 -0
- icdev/tools/dashboard/api/__init__.py +1 -0
- icdev/tools/dashboard/api/_pipeline_state.py +17 -0
- icdev/tools/dashboard/api/activity.py +206 -0
- icdev/tools/dashboard/api/admin.py +176 -0
- icdev/tools/dashboard/api/agents.py +53 -0
- icdev/tools/dashboard/api/ai_accountability.py +163 -0
- icdev/tools/dashboard/api/ai_transparency.py +198 -0
- icdev/tools/dashboard/api/audit.py +58 -0
- icdev/tools/dashboard/api/batch.py +666 -0
- icdev/tools/dashboard/api/chat.py +241 -0
- icdev/tools/dashboard/api/cicd.py +219 -0
- icdev/tools/dashboard/api/code_quality.py +223 -0
- icdev/tools/dashboard/api/compliance.py +171 -0
- icdev/tools/dashboard/api/cpmp.py +915 -0
- icdev/tools/dashboard/api/diagrams.py +65 -0
- icdev/tools/dashboard/api/events.py +250 -0
- icdev/tools/dashboard/api/evidence.py +99 -0
- icdev/tools/dashboard/api/fedramp_20x.py +77 -0
- icdev/tools/dashboard/api/govcon.py +1095 -0
- icdev/tools/dashboard/api/intake.py +1171 -0
- icdev/tools/dashboard/api/lineage.py +163 -0
- icdev/tools/dashboard/api/metrics.py +155 -0
- icdev/tools/dashboard/api/nlq.py +72 -0
- icdev/tools/dashboard/api/orchestration.py +472 -0
- icdev/tools/dashboard/api/oscal.py +183 -0
- icdev/tools/dashboard/api/prod_audit.py +183 -0
- icdev/tools/dashboard/api/projects.py +191 -0
- icdev/tools/dashboard/api/proposals.py +1084 -0
- icdev/tools/dashboard/api/traces.py +363 -0
- icdev/tools/dashboard/api/usage.py +234 -0
- icdev/tools/dashboard/app.py +1986 -0
- icdev/tools/dashboard/auth.py +500 -0
- icdev/tools/dashboard/byok.py +245 -0
- icdev/tools/dashboard/chat_manager.py +675 -0
- icdev/tools/dashboard/config.py +116 -0
- icdev/tools/dashboard/diagram_definitions.py +642 -0
- icdev/tools/dashboard/nlq_processor.py +323 -0
- icdev/tools/dashboard/phase_loader.py +136 -0
- icdev/tools/dashboard/sse_manager.py +89 -0
- icdev/tools/dashboard/state_tracker.py +267 -0
- icdev/tools/dashboard/static/css/style.css +706 -0
- icdev/tools/dashboard/static/css/ux.css +2047 -0
- icdev/tools/dashboard/static/js/activity.js +322 -0
- icdev/tools/dashboard/static/js/api.js +161 -0
- icdev/tools/dashboard/static/js/batch.js +814 -0
- icdev/tools/dashboard/static/js/charts.js +618 -0
- icdev/tools/dashboard/static/js/chat.js +1514 -0
- icdev/tools/dashboard/static/js/kanban.js +113 -0
- icdev/tools/dashboard/static/js/live.js +569 -0
- icdev/tools/dashboard/static/js/mermaid-icdev.js +332 -0
- icdev/tools/dashboard/static/js/proposals.js +588 -0
- icdev/tools/dashboard/static/js/shortcuts.js +544 -0
- icdev/tools/dashboard/static/js/tables.js +652 -0
- icdev/tools/dashboard/static/js/tour.js +524 -0
- icdev/tools/dashboard/static/js/ux.js +942 -0
- icdev/tools/dashboard/templates/404.html +10 -0
- icdev/tools/dashboard/templates/activity.html +80 -0
- icdev/tools/dashboard/templates/admin/users.html +144 -0
- icdev/tools/dashboard/templates/ai_accountability.html +235 -0
- icdev/tools/dashboard/templates/ai_transparency.html +263 -0
- icdev/tools/dashboard/templates/base.html +104 -0
- icdev/tools/dashboard/templates/batch.html +23 -0
- icdev/tools/dashboard/templates/chat.html +332 -0
- icdev/tools/dashboard/templates/children.html +149 -0
- icdev/tools/dashboard/templates/cicd.html +253 -0
- icdev/tools/dashboard/templates/code_quality.html +214 -0
- icdev/tools/dashboard/templates/cpmp/cor_detail.html +220 -0
- icdev/tools/dashboard/templates/cpmp/cor_portal.html +91 -0
- icdev/tools/dashboard/templates/cpmp/deliverable_detail.html +197 -0
- icdev/tools/dashboard/templates/cpmp/detail.html +578 -0
- icdev/tools/dashboard/templates/cpmp/portfolio.html +202 -0
- icdev/tools/dashboard/templates/dev_profiles.html +304 -0
- icdev/tools/dashboard/templates/diagrams.html +224 -0
- icdev/tools/dashboard/templates/events/timeline.html +232 -0
- icdev/tools/dashboard/templates/evidence.html +134 -0
- icdev/tools/dashboard/templates/fedramp_20x.html +207 -0
- icdev/tools/dashboard/templates/gateway.html +244 -0
- icdev/tools/dashboard/templates/govcon/capabilities.html +135 -0
- icdev/tools/dashboard/templates/govcon/pipeline.html +214 -0
- icdev/tools/dashboard/templates/govcon/requirements.html +120 -0
- icdev/tools/dashboard/templates/index.html +254 -0
- icdev/tools/dashboard/templates/lineage.html +141 -0
- icdev/tools/dashboard/templates/login.html +51 -0
- icdev/tools/dashboard/templates/monitoring/overview.html +193 -0
- icdev/tools/dashboard/templates/orchestration/dashboard.html +545 -0
- icdev/tools/dashboard/templates/oscal.html +263 -0
- icdev/tools/dashboard/templates/phases.html +150 -0
- icdev/tools/dashboard/templates/prod_audit.html +280 -0
- icdev/tools/dashboard/templates/profile.html +183 -0
- icdev/tools/dashboard/templates/projects/detail.html +583 -0
- icdev/tools/dashboard/templates/projects/list.html +47 -0
- icdev/tools/dashboard/templates/proposals/detail.html +1253 -0
- icdev/tools/dashboard/templates/proposals/list.html +179 -0
- icdev/tools/dashboard/templates/proposals/section_detail.html +193 -0
- icdev/tools/dashboard/templates/provenance.html +181 -0
- icdev/tools/dashboard/templates/query/nlq.html +234 -0
- icdev/tools/dashboard/templates/quick_paths.html +69 -0
- icdev/tools/dashboard/templates/traces.html +155 -0
- icdev/tools/dashboard/templates/translation_detail.html +199 -0
- icdev/tools/dashboard/templates/translations.html +162 -0
- icdev/tools/dashboard/templates/usage.html +225 -0
- icdev/tools/dashboard/templates/wizard.html +539 -0
- icdev/tools/dashboard/templates/xai.html +208 -0
- icdev/tools/dashboard/ux_helpers.py +962 -0
- icdev/tools/dashboard/websocket.py +81 -0
- icdev/tools/db/__init__.py +1 -0
- icdev/tools/db/backup.py +312 -0
- icdev/tools/db/backup_manager.py +832 -0
- icdev/tools/db/init_icdev_db.py +5900 -0
- icdev/tools/db/migrate.py +178 -0
- icdev/tools/db/migration_runner.py +549 -0
- icdev/tools/db/migrations/001_baseline/meta.json +9 -0
- icdev/tools/db/migrations/001_baseline/up.py +68 -0
- icdev/tools/db/migrations/002_memory_enhancements/down.sql +8 -0
- icdev/tools/db/migrations/002_memory_enhancements/meta.json +9 -0
- icdev/tools/db/migrations/002_memory_enhancements/up.py +118 -0
- icdev/tools/db/migrations/003_dev_profiles/meta.json +8 -0
- icdev/tools/db/migrations/003_dev_profiles/up.py +93 -0
- icdev/tools/db/migrations/004_innovation_engine/down.py +19 -0
- icdev/tools/db/migrations/004_innovation_engine/up.py +227 -0
- icdev/tools/db/migrations/005_phase_37_ai_security/down.py +19 -0
- icdev/tools/db/migrations/005_phase_37_ai_security/up.py +258 -0
- icdev/tools/db/migrations/006_phase_36_evolution/down.py +21 -0
- icdev/tools/db/migrations/006_phase_36_evolution/up.py +323 -0
- icdev/tools/db/migrations/007_phase_38_cloud/down.py +14 -0
- icdev/tools/db/migrations/007_phase_38_cloud/up.py +110 -0
- icdev/tools/db/migrations/008_phase36_37_integration/up.py +55 -0
- icdev/tools/db/migrations/__init__.py +2 -0
- icdev/tools/devsecops/__init__.py +2 -0
- icdev/tools/devsecops/attestation_manager.py +458 -0
- icdev/tools/devsecops/network_segmentation_generator.py +614 -0
- icdev/tools/devsecops/pdp_config_generator.py +1256 -0
- icdev/tools/devsecops/pipeline_security_generator.py +484 -0
- icdev/tools/devsecops/policy_generator.py +653 -0
- icdev/tools/devsecops/profile_manager.py +388 -0
- icdev/tools/devsecops/service_mesh_generator.py +1073 -0
- icdev/tools/devsecops/zta_maturity_scorer.py +368 -0
- icdev/tools/devsecops/zta_terraform_generator.py +1303 -0
- icdev/tools/dx/__init__.py +3 -0
- icdev/tools/dx/companion.py +266 -0
- icdev/tools/dx/instruction_generator.py +753 -0
- icdev/tools/dx/mcp_config_generator.py +282 -0
- icdev/tools/dx/skill_translator.py +425 -0
- icdev/tools/dx/tool_detector.py +144 -0
- icdev/tools/extensions/__init__.py +21 -0
- icdev/tools/extensions/builtins/010_ai_governance_chat.py +277 -0
- icdev/tools/extensions/builtins/__init__.py +2 -0
- icdev/tools/extensions/extension_manager.py +455 -0
- icdev/tools/infra/__init__.py +1 -0
- icdev/tools/infra/ansible_generator.py +869 -0
- icdev/tools/infra/dockerfile_generator.py +361 -0
- icdev/tools/infra/infra_status.py +393 -0
- icdev/tools/infra/ironbank_metadata_generator.py +411 -0
- icdev/tools/infra/k8s_generator.py +1002 -0
- icdev/tools/infra/pipeline_generator.py +832 -0
- icdev/tools/infra/rollback.py +400 -0
- icdev/tools/infra/terraform_generator.py +1142 -0
- icdev/tools/infra/terraform_generator_azure.py +1254 -0
- icdev/tools/infra/terraform_generator_gcp.py +953 -0
- icdev/tools/infra/terraform_generator_ibm.py +360 -0
- icdev/tools/infra/terraform_generator_oci.py +919 -0
- icdev/tools/infra/terraform_generator_onprem.py +319 -0
- icdev/tools/innovation/__init__.py +8 -0
- icdev/tools/innovation/competitive_intel.py +492 -0
- icdev/tools/innovation/innovation_manager.py +681 -0
- icdev/tools/innovation/introspective_analyzer.py +774 -0
- icdev/tools/innovation/register_external_patterns.py +440 -0
- icdev/tools/innovation/signal_ranker.py +1038 -0
- icdev/tools/innovation/solution_generator.py +697 -0
- icdev/tools/innovation/standards_monitor.py +466 -0
- icdev/tools/innovation/trend_detector.py +1046 -0
- icdev/tools/innovation/triage_engine.py +1149 -0
- icdev/tools/innovation/web_scanner.py +894 -0
- icdev/tools/installer/__init__.py +1 -0
- icdev/tools/installer/compliance_configurator.py +637 -0
- icdev/tools/installer/installer.py +1711 -0
- icdev/tools/installer/module_registry.py +805 -0
- icdev/tools/installer/platform_setup.py +961 -0
- icdev/tools/integration/__init__.py +2 -0
- icdev/tools/integration/approval_manager.py +561 -0
- icdev/tools/integration/doors_exporter.py +627 -0
- icdev/tools/integration/gitlab_connector.py +784 -0
- icdev/tools/integration/jira_connector.py +774 -0
- icdev/tools/integration/servicenow_connector.py +693 -0
- icdev/tools/knowledge/__init__.py +1 -0
- icdev/tools/knowledge/knowledge_ingest.py +293 -0
- icdev/tools/knowledge/pattern_detector.py +693 -0
- icdev/tools/knowledge/recommendation_engine.py +461 -0
- icdev/tools/knowledge/self_heal_analyzer.py +504 -0
- icdev/tools/llm/__init__.py +72 -0
- icdev/tools/llm/anthropic_provider.py +170 -0
- icdev/tools/llm/azure_openai_provider.py +338 -0
- icdev/tools/llm/bedrock_provider.py +315 -0
- icdev/tools/llm/embedding_provider.py +438 -0
- icdev/tools/llm/gemini_provider.py +381 -0
- icdev/tools/llm/ibm_watsonx_provider.py +232 -0
- icdev/tools/llm/oci_genai_provider.py +462 -0
- icdev/tools/llm/ollama_provider.py +340 -0
- icdev/tools/llm/openai_provider.py +225 -0
- icdev/tools/llm/provider.py +355 -0
- icdev/tools/llm/provider_sdk.py +175 -0
- icdev/tools/llm/router.py +780 -0
- icdev/tools/llm/vertex_ai_provider.py +374 -0
- icdev/tools/maintenance/__init__.py +2 -0
- icdev/tools/maintenance/dependency_scanner.py +1030 -0
- icdev/tools/maintenance/maintenance_auditor.py +815 -0
- icdev/tools/maintenance/remediation_engine.py +966 -0
- icdev/tools/maintenance/vulnerability_checker.py +987 -0
- icdev/tools/mbse/__init__.py +3 -0
- icdev/tools/mbse/des_assessor.py +1186 -0
- icdev/tools/mbse/des_report_generator.py +800 -0
- icdev/tools/mbse/diagram_extractor.py +811 -0
- icdev/tools/mbse/digital_thread.py +1665 -0
- icdev/tools/mbse/model_code_generator.py +1122 -0
- icdev/tools/mbse/model_control_mapper.py +420 -0
- icdev/tools/mbse/pi_model_tracker.py +1093 -0
- icdev/tools/mbse/reqif_parser.py +1483 -0
- icdev/tools/mbse/sync_engine.py +1805 -0
- icdev/tools/mbse/xmi_parser.py +1573 -0
- icdev/tools/mcp/__init__.py +1 -0
- icdev/tools/mcp/base_server.py +535 -0
- icdev/tools/mcp/builder_server.py +725 -0
- icdev/tools/mcp/compliance_server.py +1407 -0
- icdev/tools/mcp/context_indexer.py +199 -0
- icdev/tools/mcp/context_server.py +305 -0
- icdev/tools/mcp/core_server.py +679 -0
- icdev/tools/mcp/devsecops_server.py +432 -0
- icdev/tools/mcp/gap_handlers.py +1079 -0
- icdev/tools/mcp/gateway_server.py +339 -0
- icdev/tools/mcp/generate_registry.py +623 -0
- icdev/tools/mcp/infra_server.py +264 -0
- icdev/tools/mcp/innovation_server.py +316 -0
- icdev/tools/mcp/integration_server.py +527 -0
- icdev/tools/mcp/knowledge_server.py +429 -0
- icdev/tools/mcp/maintenance_server.py +248 -0
- icdev/tools/mcp/marketplace_server.py +499 -0
- icdev/tools/mcp/mbse_server.py +398 -0
- icdev/tools/mcp/modernization_server.py +496 -0
- icdev/tools/mcp/observability_server.py +354 -0
- icdev/tools/mcp/requirements_server.py +415 -0
- icdev/tools/mcp/simulation_server.py +468 -0
- icdev/tools/mcp/standalone/__init__.py +2 -0
- icdev/tools/mcp/standalone/builder.py +59 -0
- icdev/tools/mcp/standalone/compliance.py +59 -0
- icdev/tools/mcp/standalone/core.py +59 -0
- icdev/tools/mcp/standalone/knowledge.py +59 -0
- icdev/tools/mcp/standalone/maintenance.py +59 -0
- icdev/tools/mcp/supply_chain_server.py +476 -0
- icdev/tools/mcp/tool_registry.py +2008 -0
- icdev/tools/mcp/unified_server.py +158 -0
- icdev/tools/memory/__init__.py +2 -0
- icdev/tools/memory/auto_capture.py +347 -0
- icdev/tools/memory/embed_memory.py +158 -0
- icdev/tools/memory/history_compressor.py +334 -0
- icdev/tools/memory/hybrid_search.py +236 -0
- icdev/tools/memory/maintenance_cron.py +289 -0
- icdev/tools/memory/memory_consolidation.py +444 -0
- icdev/tools/memory/memory_db.py +133 -0
- icdev/tools/memory/memory_read.py +102 -0
- icdev/tools/memory/memory_write.py +222 -0
- icdev/tools/memory/semantic_search.py +139 -0
- icdev/tools/memory/time_decay.py +435 -0
- icdev/tools/modernization/__init__.py +3 -0
- icdev/tools/modernization/architecture_extractor.py +734 -0
- icdev/tools/modernization/compliance_bridge.py +1499 -0
- icdev/tools/modernization/db_migration_planner.py +1385 -0
- icdev/tools/modernization/doc_generator.py +1428 -0
- icdev/tools/modernization/framework_migrator.py +1525 -0
- icdev/tools/modernization/legacy_analyzer.py +1948 -0
- icdev/tools/modernization/migration_code_generator.py +1639 -0
- icdev/tools/modernization/migration_report_generator.py +1653 -0
- icdev/tools/modernization/migration_tracker.py +1726 -0
- icdev/tools/modernization/monolith_decomposer.py +1508 -0
- icdev/tools/modernization/seven_r_assessor.py +1658 -0
- icdev/tools/modernization/strangler_fig_manager.py +1705 -0
- icdev/tools/modernization/ui_analyzer.py +771 -0
- icdev/tools/modernization/version_migrator.py +1392 -0
- icdev/tools/monitor/__init__.py +1 -0
- icdev/tools/monitor/alert_correlator.py +495 -0
- icdev/tools/monitor/auto_resolver.py +612 -0
- icdev/tools/monitor/health_checker.py +509 -0
- icdev/tools/monitor/heartbeat_daemon.py +792 -0
- icdev/tools/monitor/log_analyzer.py +516 -0
- icdev/tools/monitor/metric_collector.py +496 -0
- icdev/tools/mosa/__init__.py +10 -0
- icdev/tools/mosa/icd_generator.py +370 -0
- icdev/tools/mosa/modular_design_analyzer.py +683 -0
- icdev/tools/mosa/mosa_code_enforcer.py +349 -0
- icdev/tools/mosa/tsp_generator.py +265 -0
- icdev/tools/observability/__init__.py +100 -0
- icdev/tools/observability/genai_attributes.py +88 -0
- icdev/tools/observability/instrumentation.py +140 -0
- icdev/tools/observability/mlflow_exporter.py +194 -0
- icdev/tools/observability/otel_tracer.py +168 -0
- icdev/tools/observability/provenance/__init__.py +3 -0
- icdev/tools/observability/provenance/prov_recorder.py +324 -0
- icdev/tools/observability/shap/__init__.py +3 -0
- icdev/tools/observability/shap/agent_shap.py +275 -0
- icdev/tools/observability/sqlite_tracer.py +361 -0
- icdev/tools/observability/trace_context.py +205 -0
- icdev/tools/observability/tracer.py +230 -0
- icdev/tools/orchestration/__init__.py +2 -0
- icdev/tools/orchestration/workflow_composer.py +361 -0
- icdev/tools/project/__init__.py +1 -0
- icdev/tools/project/manifest_loader.py +418 -0
- icdev/tools/project/project_create.py +350 -0
- icdev/tools/project/project_list.py +174 -0
- icdev/tools/project/project_scaffold.py +1715 -0
- icdev/tools/project/project_status.py +479 -0
- icdev/tools/project/session_context_builder.py +757 -0
- icdev/tools/project/validate_manifest.py +55 -0
- icdev/tools/registry/__init__.py +10 -0
- icdev/tools/registry/absorption_engine.py +832 -0
- icdev/tools/registry/capability_evaluator.py +668 -0
- icdev/tools/registry/child_registry.py +617 -0
- icdev/tools/registry/cross_pollinator.py +1065 -0
- icdev/tools/registry/genome_manager.py +671 -0
- icdev/tools/registry/learning_collector.py +912 -0
- icdev/tools/registry/propagation_manager.py +942 -0
- icdev/tools/registry/staging_manager.py +742 -0
- icdev/tools/registry/telemetry_collector.py +423 -0
- icdev/tools/requirements/__init__.py +1 -0
- icdev/tools/requirements/ai_governance_scorer.py +208 -0
- icdev/tools/requirements/boundary_analyzer.py +1293 -0
- icdev/tools/requirements/clarification_engine.py +618 -0
- icdev/tools/requirements/complexity_scorer.py +387 -0
- icdev/tools/requirements/consistency_analyzer.py +803 -0
- icdev/tools/requirements/constitution_manager.py +605 -0
- icdev/tools/requirements/decomposition_engine.py +778 -0
- icdev/tools/requirements/document_extractor.py +1016 -0
- icdev/tools/requirements/elicitation_techniques.py +519 -0
- icdev/tools/requirements/gap_detector.py +271 -0
- icdev/tools/requirements/intake_engine.py +2188 -0
- icdev/tools/requirements/prd_generator.py +847 -0
- icdev/tools/requirements/prd_validator.py +595 -0
- icdev/tools/requirements/readiness_scorer.py +313 -0
- icdev/tools/requirements/spec_organizer.py +1029 -0
- icdev/tools/requirements/spec_quality_checker.py +1097 -0
- icdev/tools/requirements/traceability_builder.py +579 -0
- icdev/tools/resilience/__init__.py +34 -0
- icdev/tools/resilience/circuit_breaker.py +340 -0
- icdev/tools/resilience/correlation.py +150 -0
- icdev/tools/resilience/errors.py +81 -0
- icdev/tools/resilience/retry.py +95 -0
- icdev/tools/schemas/__init__.py +27 -0
- icdev/tools/schemas/chat.py +61 -0
- icdev/tools/schemas/compliance.py +56 -0
- icdev/tools/schemas/core.py +85 -0
- icdev/tools/schemas/innovation.py +37 -0
- icdev/tools/schemas/validation.py +109 -0
- icdev/tools/sdk/__init__.py +3 -0
- icdev/tools/sdk/icdev_client.py +218 -0
- icdev/tools/security/__init__.py +1 -0
- icdev/tools/security/agent_output_validator.py +330 -0
- icdev/tools/security/agent_trust_scorer.py +466 -0
- icdev/tools/security/ai_bom_generator.py +725 -0
- icdev/tools/security/ai_telemetry_logger.py +469 -0
- icdev/tools/security/atlas_red_team.py +543 -0
- icdev/tools/security/code_pattern_scanner.py +378 -0
- icdev/tools/security/confabulation_detector.py +271 -0
- icdev/tools/security/container_scanner.py +491 -0
- icdev/tools/security/dependency_auditor.py +944 -0
- icdev/tools/security/endpoint_security_scanner.py +579 -0
- icdev/tools/security/mcp_tool_authorizer.py +243 -0
- icdev/tools/security/prompt_injection_detector.py +737 -0
- icdev/tools/security/sast_runner.py +948 -0
- icdev/tools/security/secret_detector.py +378 -0
- icdev/tools/security/tool_chain_validator.py +357 -0
- icdev/tools/security/vuln_scanner.py +539 -0
- icdev/tools/simulation/__init__.py +2 -0
- icdev/tools/simulation/coa_generator.py +1552 -0
- icdev/tools/simulation/monte_carlo.py +758 -0
- icdev/tools/simulation/scenario_manager.py +1073 -0
- icdev/tools/simulation/simulation_engine.py +1104 -0
- icdev/tools/supply_chain/__init__.py +2 -0
- icdev/tools/supply_chain/cve_triager.py +705 -0
- icdev/tools/supply_chain/dependency_graph.py +645 -0
- icdev/tools/supply_chain/isa_manager.py +540 -0
- icdev/tools/supply_chain/scrm_assessor.py +546 -0
- icdev/tools/testing/__init__.py +2 -0
- icdev/tools/testing/acceptance_validator.py +411 -0
- icdev/tools/testing/claude_dir_validator.py +831 -0
- icdev/tools/testing/data_types.py +199 -0
- icdev/tools/testing/e2e_runner.py +715 -0
- icdev/tools/testing/fuzz_cli.py +306 -0
- icdev/tools/testing/health_check.py +483 -0
- icdev/tools/testing/platform_check.py +143 -0
- icdev/tools/testing/production_audit.py +1862 -0
- icdev/tools/testing/production_remediate.py +804 -0
- icdev/tools/testing/screenshot_validator.py +539 -0
- icdev/tools/testing/smoke_test.py +283 -0
- icdev/tools/testing/test_agent_models.py +117 -0
- icdev/tools/testing/test_orchestrator.py +957 -0
- icdev/tools/testing/utils.py +229 -0
- icdev/tools/translation/__init__.py +17 -0
- icdev/tools/translation/code_translator.py +550 -0
- icdev/tools/translation/dependency_mapper.py +277 -0
- icdev/tools/translation/feature_map.py +395 -0
- icdev/tools/translation/project_assembler.py +439 -0
- icdev/tools/translation/source_extractor.py +609 -0
- icdev/tools/translation/test_translator.py +333 -0
- icdev/tools/translation/translation_manager.py +582 -0
- icdev/tools/translation/translation_validator.py +662 -0
- icdev/tools/translation/type_checker.py +371 -0
- icdev-1.0.0.dist-info/METADATA +868 -0
- icdev-1.0.0.dist-info/RECORD +1105 -0
- icdev-1.0.0.dist-info/WHEEL +5 -0
- icdev-1.0.0.dist-info/entry_points.txt +9 -0
- icdev-1.0.0.dist-info/licenses/LICENSE +254 -0
- icdev-1.0.0.dist-info/licenses/NOTICE +268 -0
- icdev-1.0.0.dist-info/top_level.txt +1 -0
|
@@ -0,0 +1,833 @@
|
|
|
1
|
+
{
|
|
2
|
+
"_cui_marking": "CUI // SP-CTI",
|
|
3
|
+
"metadata": {
|
|
4
|
+
"framework": "MITRE ATLAS",
|
|
5
|
+
"version": "5.4.0",
|
|
6
|
+
"source": "https://atlas.mitre.org",
|
|
7
|
+
"description": "Adversarial Threat Landscape for AI Systems - Techniques Catalog",
|
|
8
|
+
"last_updated": "2026-02-21",
|
|
9
|
+
"total_tactics": 16,
|
|
10
|
+
"total_techniques": 84
|
|
11
|
+
},
|
|
12
|
+
"tactics": [
|
|
13
|
+
{
|
|
14
|
+
"id": "AML.TA0000",
|
|
15
|
+
"name": "Reconnaissance",
|
|
16
|
+
"description": "The adversary gathers information about the target AI/ML system including model architecture, training methodology, deployment environment, API endpoints, and capability boundaries to identify attack surfaces.",
|
|
17
|
+
"techniques": [
|
|
18
|
+
{
|
|
19
|
+
"id": "AML.T0000",
|
|
20
|
+
"name": "Search for Victim's Publicly Available Research Materials",
|
|
21
|
+
"description": "Adversary searches for research papers, blog posts, and presentations that reveal details about the target AI system's architecture, training data, and model performance.",
|
|
22
|
+
"sub_techniques": [],
|
|
23
|
+
"mitigations": ["AML.M0000", "AML.M0001"]
|
|
24
|
+
},
|
|
25
|
+
{
|
|
26
|
+
"id": "AML.T0001",
|
|
27
|
+
"name": "Search for Victim's Model Information",
|
|
28
|
+
"description": "Adversary searches model registries, API documentation, and public repositories for information about deployed ML models including model cards, API schemas, and version history.",
|
|
29
|
+
"sub_techniques": [],
|
|
30
|
+
"mitigations": ["AML.M0000", "AML.M0001", "AML.M0005"]
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
"id": "AML.T0002",
|
|
34
|
+
"name": "Active Scanning of ML API",
|
|
35
|
+
"description": "Adversary probes ML model API endpoints to determine input/output formats, error handling behavior, rate limits, and model capabilities through systematic test queries.",
|
|
36
|
+
"sub_techniques": [],
|
|
37
|
+
"mitigations": ["AML.M0001", "AML.M0004", "AML.M0019", "AML.M0020"]
|
|
38
|
+
},
|
|
39
|
+
{
|
|
40
|
+
"id": "AML.T0003",
|
|
41
|
+
"name": "Gather ML Artifact Information",
|
|
42
|
+
"description": "Adversary collects information about ML artifacts including model file formats, serialization methods, framework versions, and dependency chains from public sources.",
|
|
43
|
+
"sub_techniques": [],
|
|
44
|
+
"mitigations": ["AML.M0000", "AML.M0005"]
|
|
45
|
+
},
|
|
46
|
+
{
|
|
47
|
+
"id": "AML.T0004",
|
|
48
|
+
"name": "Search for Victim's AI Infrastructure",
|
|
49
|
+
"description": "Adversary discovers deployment infrastructure details including cloud providers, GPU configurations, serving frameworks, and orchestration systems used by the target AI system.",
|
|
50
|
+
"sub_techniques": [],
|
|
51
|
+
"mitigations": ["AML.M0000", "AML.M0017"]
|
|
52
|
+
}
|
|
53
|
+
]
|
|
54
|
+
},
|
|
55
|
+
{
|
|
56
|
+
"id": "AML.TA0001",
|
|
57
|
+
"name": "Resource Development",
|
|
58
|
+
"description": "The adversary develops resources to support AI/ML attacks including proxy models, adversarial tooling, poisoned datasets, and compromised AI supply chain components.",
|
|
59
|
+
"techniques": [
|
|
60
|
+
{
|
|
61
|
+
"id": "AML.T0010",
|
|
62
|
+
"name": "AI Supply Chain Compromise",
|
|
63
|
+
"description": "Adversary compromises AI supply chain components including software libraries, pre-trained models, container images, and training datasets to introduce backdoors or malicious behavior.",
|
|
64
|
+
"sub_techniques": [
|
|
65
|
+
{
|
|
66
|
+
"id": "AML.T0010.001",
|
|
67
|
+
"name": "AI Software Compromise",
|
|
68
|
+
"description": "Compromise Python packages, ML frameworks, or AI development tools used by the target to inject malicious code."
|
|
69
|
+
},
|
|
70
|
+
{
|
|
71
|
+
"id": "AML.T0010.002",
|
|
72
|
+
"name": "Training Data Compromise",
|
|
73
|
+
"description": "Compromise training data sources to inject poisoned samples that create backdoors in fine-tuned models."
|
|
74
|
+
},
|
|
75
|
+
{
|
|
76
|
+
"id": "AML.T0010.003",
|
|
77
|
+
"name": "Model Compromise",
|
|
78
|
+
"description": "Distribute backdoored pre-trained models through registries or model hubs that behave maliciously on specific trigger inputs."
|
|
79
|
+
},
|
|
80
|
+
{
|
|
81
|
+
"id": "AML.T0010.004",
|
|
82
|
+
"name": "Container Registry Compromise",
|
|
83
|
+
"description": "Poison container images used for ML model serving, training pipelines, or AI agent deployment."
|
|
84
|
+
}
|
|
85
|
+
],
|
|
86
|
+
"mitigations": ["AML.M0011", "AML.M0013", "AML.M0014", "AML.M0016", "AML.M0027", "AML.M0034"]
|
|
87
|
+
},
|
|
88
|
+
{
|
|
89
|
+
"id": "AML.T0011",
|
|
90
|
+
"name": "Develop Adversarial ML Tools",
|
|
91
|
+
"description": "Adversary develops or acquires tools specifically designed for attacking ML systems including adversarial example generators, model extraction frameworks, and prompt injection payloads.",
|
|
92
|
+
"sub_techniques": [
|
|
93
|
+
{
|
|
94
|
+
"id": "AML.T0011.001",
|
|
95
|
+
"name": "Adversarial Example Generator",
|
|
96
|
+
"description": "Tools that generate adversarial perturbations optimized for specific model architectures."
|
|
97
|
+
},
|
|
98
|
+
{
|
|
99
|
+
"id": "AML.T0011.002",
|
|
100
|
+
"name": "Poisoned AI Agent Tool",
|
|
101
|
+
"description": "Develop trojanized agent skills or plugins that appear benign but execute malicious actions when installed."
|
|
102
|
+
}
|
|
103
|
+
],
|
|
104
|
+
"mitigations": ["AML.M0003", "AML.M0008", "AML.M0015"]
|
|
105
|
+
},
|
|
106
|
+
{
|
|
107
|
+
"id": "AML.T0058",
|
|
108
|
+
"name": "Publish Poisoned Models",
|
|
109
|
+
"description": "Adversary publishes backdoored models to public registries like HuggingFace, TensorFlow Hub, or PyTorch Hub that behave normally except on specific trigger inputs.",
|
|
110
|
+
"sub_techniques": [],
|
|
111
|
+
"mitigations": ["AML.M0013", "AML.M0014", "AML.M0016", "AML.M0027", "AML.M0034"]
|
|
112
|
+
},
|
|
113
|
+
{
|
|
114
|
+
"id": "AML.T0060",
|
|
115
|
+
"name": "Publish Hallucinated Entities",
|
|
116
|
+
"description": "Adversary creates fake packages, libraries, or modules with names that LLMs commonly hallucinate, exploiting package confusion when developers install LLM-suggested dependencies.",
|
|
117
|
+
"sub_techniques": [],
|
|
118
|
+
"mitigations": ["AML.M0016", "AML.M0027", "AML.M0034"]
|
|
119
|
+
},
|
|
120
|
+
{
|
|
121
|
+
"id": "AML.T0080",
|
|
122
|
+
"name": "AI Supply Chain Compromise / Context Poisoning",
|
|
123
|
+
"description": "Adversary poisons AI agent context including long-term memory, conversation threads, configuration files, and RAG knowledge bases to persistently alter agent behavior across sessions.",
|
|
124
|
+
"sub_techniques": [
|
|
125
|
+
{
|
|
126
|
+
"id": "AML.T0080.001",
|
|
127
|
+
"name": "Memory Poisoning",
|
|
128
|
+
"description": "Corrupt long-term memory stores (MEMORY.md, memory.db) to persist malicious instructions across sessions."
|
|
129
|
+
},
|
|
130
|
+
{
|
|
131
|
+
"id": "AML.T0080.002",
|
|
132
|
+
"name": "Thread Poisoning",
|
|
133
|
+
"description": "Inject instructions into active conversation threads via external data sources consumed by the agent."
|
|
134
|
+
}
|
|
135
|
+
],
|
|
136
|
+
"mitigations": ["AML.M0007", "AML.M0014", "AML.M0015", "AML.M0021"]
|
|
137
|
+
}
|
|
138
|
+
]
|
|
139
|
+
},
|
|
140
|
+
{
|
|
141
|
+
"id": "AML.TA0002",
|
|
142
|
+
"name": "Initial Access",
|
|
143
|
+
"description": "The adversary gains initial access to the AI/ML system through prompt injection, compromised supply chain components, phishing for model API credentials, or exploiting exposed AI service endpoints.",
|
|
144
|
+
"techniques": [
|
|
145
|
+
{
|
|
146
|
+
"id": "AML.T0051",
|
|
147
|
+
"name": "LLM Prompt Injection",
|
|
148
|
+
"description": "Adversary manipulates LLM behavior through crafted inputs that override system instructions, bypass safety controls, exfiltrate data, or trigger unauthorized actions in agentic AI systems.",
|
|
149
|
+
"sub_techniques": [
|
|
150
|
+
{
|
|
151
|
+
"id": "AML.T0051.000",
|
|
152
|
+
"name": "Direct Prompt Injection",
|
|
153
|
+
"description": "Attacker directly crafts prompts that override system instructions through role hijacking, delimiter attacks, or instruction injection."
|
|
154
|
+
},
|
|
155
|
+
{
|
|
156
|
+
"id": "AML.T0051.001",
|
|
157
|
+
"name": "Indirect Prompt Injection",
|
|
158
|
+
"description": "Malicious instructions embedded in external data sources (documents, web pages, Jira tickets, code files) consumed by the LLM during processing."
|
|
159
|
+
},
|
|
160
|
+
{
|
|
161
|
+
"id": "AML.T0051.002",
|
|
162
|
+
"name": "Triggered Prompt Injection",
|
|
163
|
+
"description": "Time-delayed or condition-triggered injection payloads embedded in CI/CD artifacts, issue comments, or staged content."
|
|
164
|
+
}
|
|
165
|
+
],
|
|
166
|
+
"mitigations": ["AML.M0010", "AML.M0015", "AML.M0018", "AML.M0026"]
|
|
167
|
+
},
|
|
168
|
+
{
|
|
169
|
+
"id": "AML.T0053",
|
|
170
|
+
"name": "LLM Plugin Compromise",
|
|
171
|
+
"description": "Adversary compromises or creates malicious LLM plugins, MCP servers, or tool integrations that execute unauthorized actions when invoked by the AI agent.",
|
|
172
|
+
"sub_techniques": [],
|
|
173
|
+
"mitigations": ["AML.M0011", "AML.M0013", "AML.M0014", "AML.M0016", "AML.M0034"]
|
|
174
|
+
},
|
|
175
|
+
{
|
|
176
|
+
"id": "AML.T0054",
|
|
177
|
+
"name": "Phishing for ML Credentials",
|
|
178
|
+
"description": "Adversary obtains credentials for ML model APIs, model registries, or AI platform services through social engineering, credential stuffing, or phishing campaigns.",
|
|
179
|
+
"sub_techniques": [],
|
|
180
|
+
"mitigations": ["AML.M0018", "AML.M0019", "AML.M0012"]
|
|
181
|
+
},
|
|
182
|
+
{
|
|
183
|
+
"id": "AML.T0016",
|
|
184
|
+
"name": "Exploit Public-Facing ML Application",
|
|
185
|
+
"description": "Adversary exploits vulnerabilities in public-facing ML model serving endpoints, AI chatbots, or inference APIs to gain initial access to the AI system.",
|
|
186
|
+
"sub_techniques": [],
|
|
187
|
+
"mitigations": ["AML.M0004", "AML.M0015", "AML.M0016", "AML.M0019"]
|
|
188
|
+
},
|
|
189
|
+
{
|
|
190
|
+
"id": "AML.T0018",
|
|
191
|
+
"name": "Compromise ML Development Environment",
|
|
192
|
+
"description": "Adversary compromises development environments including Jupyter notebooks, ML experiment tracking systems, or CI/CD pipelines used for model training and deployment.",
|
|
193
|
+
"sub_techniques": [],
|
|
194
|
+
"mitigations": ["AML.M0005", "AML.M0011", "AML.M0012", "AML.M0019"]
|
|
195
|
+
}
|
|
196
|
+
]
|
|
197
|
+
},
|
|
198
|
+
{
|
|
199
|
+
"id": "AML.TA0003",
|
|
200
|
+
"name": "ML Model Access",
|
|
201
|
+
"description": "The adversary obtains access to the ML model through inference API access, direct model artifact access, or exploitation of model serving infrastructure to enable downstream attacks.",
|
|
202
|
+
"techniques": [
|
|
203
|
+
{
|
|
204
|
+
"id": "AML.T0029",
|
|
205
|
+
"name": "Inference API Access",
|
|
206
|
+
"description": "Adversary obtains access to ML model inference APIs through legitimate credentials, API key theft, or exploiting unauthenticated endpoints to query the model.",
|
|
207
|
+
"sub_techniques": [],
|
|
208
|
+
"mitigations": ["AML.M0001", "AML.M0004", "AML.M0019"]
|
|
209
|
+
},
|
|
210
|
+
{
|
|
211
|
+
"id": "AML.T0030",
|
|
212
|
+
"name": "Model Artifact Access",
|
|
213
|
+
"description": "Adversary obtains direct access to model weight files, configuration, or checkpoints from model registries, shared storage, or compromised deployment environments.",
|
|
214
|
+
"sub_techniques": [],
|
|
215
|
+
"mitigations": ["AML.M0005", "AML.M0012", "AML.M0017"]
|
|
216
|
+
},
|
|
217
|
+
{
|
|
218
|
+
"id": "AML.T0031",
|
|
219
|
+
"name": "ML Service Exploitation",
|
|
220
|
+
"description": "Adversary exploits vulnerabilities in ML serving frameworks (TensorFlow Serving, Triton, vLLM) to gain unauthorized access to model resources.",
|
|
221
|
+
"sub_techniques": [],
|
|
222
|
+
"mitigations": ["AML.M0016", "AML.M0019"]
|
|
223
|
+
},
|
|
224
|
+
{
|
|
225
|
+
"id": "AML.T0032",
|
|
226
|
+
"name": "Batch Processing Exploit",
|
|
227
|
+
"description": "Adversary exploits batch inference pipelines to submit large volumes of queries or inject malicious samples into batch processing queues.",
|
|
228
|
+
"sub_techniques": [],
|
|
229
|
+
"mitigations": ["AML.M0004", "AML.M0015", "AML.M0019"]
|
|
230
|
+
},
|
|
231
|
+
{
|
|
232
|
+
"id": "AML.T0033",
|
|
233
|
+
"name": "Proxy Model Training",
|
|
234
|
+
"description": "Adversary trains a local proxy model that approximates the target model's behavior using data collected from API queries, enabling offline adversarial attack development.",
|
|
235
|
+
"sub_techniques": [],
|
|
236
|
+
"mitigations": ["AML.M0001", "AML.M0002", "AML.M0004"]
|
|
237
|
+
}
|
|
238
|
+
]
|
|
239
|
+
},
|
|
240
|
+
{
|
|
241
|
+
"id": "AML.TA0004",
|
|
242
|
+
"name": "Execution",
|
|
243
|
+
"description": "The adversary executes code or commands within the AI system through model inference manipulation, agent tool invocation, or exploitation of ML pipeline components.",
|
|
244
|
+
"techniques": [
|
|
245
|
+
{
|
|
246
|
+
"id": "AML.T0040",
|
|
247
|
+
"name": "Execute Code via ML Model",
|
|
248
|
+
"description": "Adversary exploits ML model deserialization, custom layer execution, or pipeline callbacks to execute arbitrary code on the host system.",
|
|
249
|
+
"sub_techniques": [],
|
|
250
|
+
"mitigations": ["AML.M0011", "AML.M0014", "AML.M0016"]
|
|
251
|
+
},
|
|
252
|
+
{
|
|
253
|
+
"id": "AML.T0041",
|
|
254
|
+
"name": "Agent Tool Execution",
|
|
255
|
+
"description": "Adversary triggers AI agent tool invocations through manipulated inputs, causing the agent to execute system commands, API calls, or file operations on behalf of the adversary.",
|
|
256
|
+
"sub_techniques": [],
|
|
257
|
+
"mitigations": ["AML.M0026", "AML.M0030"]
|
|
258
|
+
},
|
|
259
|
+
{
|
|
260
|
+
"id": "AML.T0042",
|
|
261
|
+
"name": "Malicious ML Pipeline Execution",
|
|
262
|
+
"description": "Adversary injects malicious steps into ML training or inference pipelines through compromised configuration files, poisoned dependencies, or modified pipeline definitions.",
|
|
263
|
+
"sub_techniques": [],
|
|
264
|
+
"mitigations": ["AML.M0013", "AML.M0014", "AML.M0016"]
|
|
265
|
+
},
|
|
266
|
+
{
|
|
267
|
+
"id": "AML.T0105",
|
|
268
|
+
"name": "Escape to Host",
|
|
269
|
+
"description": "Adversary escapes from the AI agent sandbox or container to the host system through container vulnerabilities, privilege escalation, or exploitation of agent file system access.",
|
|
270
|
+
"sub_techniques": [],
|
|
271
|
+
"mitigations": ["AML.M0011", "AML.M0026", "AML.M0030"]
|
|
272
|
+
},
|
|
273
|
+
{
|
|
274
|
+
"id": "AML.T0067",
|
|
275
|
+
"name": "LLM Output Code Execution",
|
|
276
|
+
"description": "Adversary manipulates LLM to generate and execute malicious code through code generation features, shell command tools, or automated code deployment pipelines.",
|
|
277
|
+
"sub_techniques": [],
|
|
278
|
+
"mitigations": ["AML.M0015", "AML.M0026", "AML.M0030"]
|
|
279
|
+
}
|
|
280
|
+
]
|
|
281
|
+
},
|
|
282
|
+
{
|
|
283
|
+
"id": "AML.TA0005",
|
|
284
|
+
"name": "Persistence",
|
|
285
|
+
"description": "The adversary establishes persistent access to the AI system through agent configuration modification, memory poisoning, backdoored models, or trojanized skills that survive session resets.",
|
|
286
|
+
"techniques": [
|
|
287
|
+
{
|
|
288
|
+
"id": "AML.T0081",
|
|
289
|
+
"name": "Modify AI Agent Configuration",
|
|
290
|
+
"description": "Adversary modifies AI agent configuration files (CLAUDE.md, goals/, args/, llm_config.yaml) to persistently alter agent behavior, add malicious instructions, or weaken security controls.",
|
|
291
|
+
"sub_techniques": [],
|
|
292
|
+
"mitigations": ["AML.M0005", "AML.M0013", "AML.M0014", "AML.M0021"]
|
|
293
|
+
},
|
|
294
|
+
{
|
|
295
|
+
"id": "AML.T0104",
|
|
296
|
+
"name": "Poisoned Agent Tool",
|
|
297
|
+
"description": "Adversary publishes a trojanized agent skill or plugin to a marketplace or registry that appears benign but executes malicious actions when installed and invoked by an AI agent.",
|
|
298
|
+
"sub_techniques": [],
|
|
299
|
+
"mitigations": ["AML.M0013", "AML.M0016", "AML.M0027", "AML.M0034"]
|
|
300
|
+
},
|
|
301
|
+
{
|
|
302
|
+
"id": "AML.T0019",
|
|
303
|
+
"name": "Backdoor ML Model",
|
|
304
|
+
"description": "Adversary embeds a backdoor in an ML model that triggers malicious behavior on specific inputs while maintaining normal performance on standard inputs.",
|
|
305
|
+
"sub_techniques": [],
|
|
306
|
+
"mitigations": ["AML.M0003", "AML.M0007", "AML.M0008", "AML.M0022"]
|
|
307
|
+
},
|
|
308
|
+
{
|
|
309
|
+
"id": "AML.T0099",
|
|
310
|
+
"name": "AI Agent Tool Data Poisoning",
|
|
311
|
+
"description": "Adversary poisons data at agent tool invocation points, corrupting the information returned to the agent to manipulate its decisions and actions over time.",
|
|
312
|
+
"sub_techniques": [],
|
|
313
|
+
"mitigations": ["AML.M0007", "AML.M0015", "AML.M0021"]
|
|
314
|
+
},
|
|
315
|
+
{
|
|
316
|
+
"id": "AML.T0062",
|
|
317
|
+
"name": "Persist via Model Update",
|
|
318
|
+
"description": "Adversary maintains persistence by compromising the model update pipeline, ensuring backdoors survive model retraining or version updates.",
|
|
319
|
+
"sub_techniques": [],
|
|
320
|
+
"mitigations": ["AML.M0013", "AML.M0014", "AML.M0008"]
|
|
321
|
+
},
|
|
322
|
+
{
|
|
323
|
+
"id": "AML.T0063",
|
|
324
|
+
"name": "Embedding Store Persistence",
|
|
325
|
+
"description": "Adversary injects malicious documents into RAG vector stores that persist across sessions and influence agent retrieval-augmented generation outputs.",
|
|
326
|
+
"sub_techniques": [],
|
|
327
|
+
"mitigations": ["AML.M0007", "AML.M0014", "AML.M0021"]
|
|
328
|
+
}
|
|
329
|
+
]
|
|
330
|
+
},
|
|
331
|
+
{
|
|
332
|
+
"id": "AML.TA0006",
|
|
333
|
+
"name": "Defense Evasion",
|
|
334
|
+
"description": "The adversary evades AI system defenses including adversarial input detection, output filtering, safety guardrails, and monitoring systems through obfuscation, perturbation, and encoding techniques.",
|
|
335
|
+
"techniques": [
|
|
336
|
+
{
|
|
337
|
+
"id": "AML.T0043",
|
|
338
|
+
"name": "Adversarial Perturbation",
|
|
339
|
+
"description": "Adversary applies imperceptible perturbations to inputs that cause ML models to misclassify or produce incorrect outputs while evading detection systems.",
|
|
340
|
+
"sub_techniques": [],
|
|
341
|
+
"mitigations": ["AML.M0003", "AML.M0006", "AML.M0009", "AML.M0010", "AML.M0015"]
|
|
342
|
+
},
|
|
343
|
+
{
|
|
344
|
+
"id": "AML.T0044",
|
|
345
|
+
"name": "Evade Detection System",
|
|
346
|
+
"description": "Adversary crafts inputs that specifically target and evade ML-based detection systems including malware classifiers, intrusion detection, and content moderation models.",
|
|
347
|
+
"sub_techniques": [],
|
|
348
|
+
"mitigations": ["AML.M0003", "AML.M0006", "AML.M0008", "AML.M0015"]
|
|
349
|
+
},
|
|
350
|
+
{
|
|
351
|
+
"id": "AML.T0055",
|
|
352
|
+
"name": "Prompt Obfuscation",
|
|
353
|
+
"description": "Adversary uses encoding techniques (base64, Unicode, homoglyphs, character substitution) to disguise prompt injection payloads and evade pattern-based detection.",
|
|
354
|
+
"sub_techniques": [],
|
|
355
|
+
"mitigations": ["AML.M0010", "AML.M0015"]
|
|
356
|
+
},
|
|
357
|
+
{
|
|
358
|
+
"id": "AML.T0064",
|
|
359
|
+
"name": "Guardrail Bypass",
|
|
360
|
+
"description": "Adversary discovers and exploits weaknesses in AI safety guardrails through systematic probing, edge case exploitation, or multi-turn manipulation to disable safety controls.",
|
|
361
|
+
"sub_techniques": [],
|
|
362
|
+
"mitigations": ["AML.M0003", "AML.M0015", "AML.M0022"]
|
|
363
|
+
},
|
|
364
|
+
{
|
|
365
|
+
"id": "AML.T0065",
|
|
366
|
+
"name": "Output Filter Evasion",
|
|
367
|
+
"description": "Adversary crafts requests that cause the model to encode sensitive information in outputs that bypass output filtering and content classification systems.",
|
|
368
|
+
"sub_techniques": [],
|
|
369
|
+
"mitigations": ["AML.M0002", "AML.M0015", "AML.M0033"]
|
|
370
|
+
}
|
|
371
|
+
]
|
|
372
|
+
},
|
|
373
|
+
{
|
|
374
|
+
"id": "AML.TA0007",
|
|
375
|
+
"name": "Discovery",
|
|
376
|
+
"description": "The adversary discovers information about the AI system's internal configuration, available tools, activation triggers, model capabilities, and permission boundaries.",
|
|
377
|
+
"techniques": [
|
|
378
|
+
{
|
|
379
|
+
"id": "AML.T0084",
|
|
380
|
+
"name": "Discover AI Agent Configuration",
|
|
381
|
+
"description": "Adversary enumerates AI agent configuration including available MCP servers, tool definitions, system prompts, and operational parameters through probing and information extraction.",
|
|
382
|
+
"sub_techniques": [
|
|
383
|
+
{
|
|
384
|
+
"id": "AML.T0084.001",
|
|
385
|
+
"name": "Tool Definitions",
|
|
386
|
+
"description": "Discover all available tools, their parameters, and capabilities by probing the agent's tool invocation interface."
|
|
387
|
+
},
|
|
388
|
+
{
|
|
389
|
+
"id": "AML.T0084.002",
|
|
390
|
+
"name": "Activation Triggers",
|
|
391
|
+
"description": "Identify keywords, patterns, or commands that trigger specific agent workflows or skill activations."
|
|
392
|
+
}
|
|
393
|
+
],
|
|
394
|
+
"mitigations": ["AML.M0000", "AML.M0001", "AML.M0019", "AML.M0020"]
|
|
395
|
+
},
|
|
396
|
+
{
|
|
397
|
+
"id": "AML.T0066",
|
|
398
|
+
"name": "Model Capability Probing",
|
|
399
|
+
"description": "Adversary systematically probes the model to discover its capabilities, limitations, knowledge boundaries, and potential attack surfaces through targeted queries.",
|
|
400
|
+
"sub_techniques": [],
|
|
401
|
+
"mitigations": ["AML.M0001", "AML.M0004", "AML.M0024"]
|
|
402
|
+
},
|
|
403
|
+
{
|
|
404
|
+
"id": "AML.T0068",
|
|
405
|
+
"name": "Permission Boundary Discovery",
|
|
406
|
+
"description": "Adversary probes the agent's permission boundaries to identify which tools are accessible, what actions are restricted, and where privilege escalation may be possible.",
|
|
407
|
+
"sub_techniques": [],
|
|
408
|
+
"mitigations": ["AML.M0019", "AML.M0026"]
|
|
409
|
+
},
|
|
410
|
+
{
|
|
411
|
+
"id": "AML.T0069",
|
|
412
|
+
"name": "Knowledge Base Enumeration",
|
|
413
|
+
"description": "Adversary queries the AI system to discover the contents and structure of its knowledge base, RAG sources, and embedded documents.",
|
|
414
|
+
"sub_techniques": [],
|
|
415
|
+
"mitigations": ["AML.M0005", "AML.M0019", "AML.M0024"]
|
|
416
|
+
},
|
|
417
|
+
{
|
|
418
|
+
"id": "AML.T0070",
|
|
419
|
+
"name": "Embedding Space Exploration",
|
|
420
|
+
"description": "Adversary explores the vector embedding space to discover document clusters, identify sensitive content regions, and map the knowledge base topology.",
|
|
421
|
+
"sub_techniques": [],
|
|
422
|
+
"mitigations": ["AML.M0005", "AML.M0012", "AML.M0019"]
|
|
423
|
+
}
|
|
424
|
+
]
|
|
425
|
+
},
|
|
426
|
+
{
|
|
427
|
+
"id": "AML.TA0008",
|
|
428
|
+
"name": "Collection",
|
|
429
|
+
"description": "The adversary collects data from AI services, RAG databases, agent tools, and model outputs to gather intelligence, sensitive information, or training data.",
|
|
430
|
+
"techniques": [
|
|
431
|
+
{
|
|
432
|
+
"id": "AML.T0085",
|
|
433
|
+
"name": "Data from AI Services",
|
|
434
|
+
"description": "Adversary collects data from AI system services including inference outputs, knowledge base content, and configuration information.",
|
|
435
|
+
"sub_techniques": [
|
|
436
|
+
{
|
|
437
|
+
"id": "AML.T0085.000",
|
|
438
|
+
"name": "Data from RAG Databases",
|
|
439
|
+
"description": "Extract sensitive documents and data from RAG vector stores through carefully crafted retrieval queries."
|
|
440
|
+
},
|
|
441
|
+
{
|
|
442
|
+
"id": "AML.T0085.001",
|
|
443
|
+
"name": "Data from AI Agent Tools",
|
|
444
|
+
"description": "Invoke agent tools to access organizational APIs, databases, and services, collecting data the agent has access to."
|
|
445
|
+
}
|
|
446
|
+
],
|
|
447
|
+
"mitigations": ["AML.M0005", "AML.M0019", "AML.M0026", "AML.M0033"]
|
|
448
|
+
},
|
|
449
|
+
{
|
|
450
|
+
"id": "AML.T0057",
|
|
451
|
+
"name": "LLM Meta Prompt Extraction",
|
|
452
|
+
"description": "Adversary extracts system prompts, safety instructions, persona definitions, and configuration from LLMs through conversational manipulation and instruction probing techniques.",
|
|
453
|
+
"sub_techniques": [],
|
|
454
|
+
"mitigations": ["AML.M0000", "AML.M0015", "AML.M0018", "AML.M0024"]
|
|
455
|
+
},
|
|
456
|
+
{
|
|
457
|
+
"id": "AML.T0082",
|
|
458
|
+
"name": "RAG Credential Harvesting",
|
|
459
|
+
"description": "Adversary extracts credentials, API keys, or secrets embedded in documents stored in RAG knowledge bases through targeted retrieval queries.",
|
|
460
|
+
"sub_techniques": [],
|
|
461
|
+
"mitigations": ["AML.M0005", "AML.M0012", "AML.M0019"]
|
|
462
|
+
},
|
|
463
|
+
{
|
|
464
|
+
"id": "AML.T0083",
|
|
465
|
+
"name": "Credentials from Agent Config",
|
|
466
|
+
"description": "Adversary extracts credentials from AI agent configuration files including .env files, AWS credentials, BYOK keys, and API tokens through prompt manipulation or config file access.",
|
|
467
|
+
"sub_techniques": [],
|
|
468
|
+
"mitigations": ["AML.M0005", "AML.M0012", "AML.M0019", "AML.M0026"]
|
|
469
|
+
},
|
|
470
|
+
{
|
|
471
|
+
"id": "AML.T0025",
|
|
472
|
+
"name": "Infer Training Data",
|
|
473
|
+
"description": "Adversary infers information about training data through membership inference attacks, model inversion, or output analysis to reconstruct sensitive training samples.",
|
|
474
|
+
"sub_techniques": [],
|
|
475
|
+
"mitigations": ["AML.M0001", "AML.M0002", "AML.M0004", "AML.M0012"]
|
|
476
|
+
},
|
|
477
|
+
{
|
|
478
|
+
"id": "AML.T0071",
|
|
479
|
+
"name": "Conversation History Extraction",
|
|
480
|
+
"description": "Adversary manipulates the AI agent to reveal previous conversation turns, user interactions, or cached responses from other sessions.",
|
|
481
|
+
"sub_techniques": [],
|
|
482
|
+
"mitigations": ["AML.M0005", "AML.M0019", "AML.M0033"]
|
|
483
|
+
}
|
|
484
|
+
]
|
|
485
|
+
},
|
|
486
|
+
{
|
|
487
|
+
"id": "AML.TA0009",
|
|
488
|
+
"name": "ML Attack Staging",
|
|
489
|
+
"description": "The adversary prepares and stages attacks against ML models including training data poisoning, adversarial example crafting, and model-specific exploit development.",
|
|
490
|
+
"techniques": [
|
|
491
|
+
{
|
|
492
|
+
"id": "AML.T0020",
|
|
493
|
+
"name": "Poison Training Data",
|
|
494
|
+
"description": "Adversary injects malicious samples into training datasets to create backdoors, degrade model performance, or bias outputs toward attacker-desired outcomes.",
|
|
495
|
+
"sub_techniques": [],
|
|
496
|
+
"mitigations": ["AML.M0007", "AML.M0008", "AML.M0021", "AML.M0025"]
|
|
497
|
+
},
|
|
498
|
+
{
|
|
499
|
+
"id": "AML.T0039",
|
|
500
|
+
"name": "Craft Adversarial Data",
|
|
501
|
+
"description": "Adversary creates adversarial examples optimized for the target model using gradient-based methods, evolutionary algorithms, or transfer-based approaches.",
|
|
502
|
+
"sub_techniques": [],
|
|
503
|
+
"mitigations": ["AML.M0003", "AML.M0006", "AML.M0010", "AML.M0015"]
|
|
504
|
+
},
|
|
505
|
+
{
|
|
506
|
+
"id": "AML.T0049",
|
|
507
|
+
"name": "Poison Embedding Store",
|
|
508
|
+
"description": "Adversary injects crafted documents into vector stores that manipulate retrieval results, causing the RAG system to return adversary-controlled content for specific queries.",
|
|
509
|
+
"sub_techniques": [],
|
|
510
|
+
"mitigations": ["AML.M0007", "AML.M0014", "AML.M0015"]
|
|
511
|
+
},
|
|
512
|
+
{
|
|
513
|
+
"id": "AML.T0072",
|
|
514
|
+
"name": "Fine-Tuning Data Injection",
|
|
515
|
+
"description": "Adversary injects malicious examples into fine-tuning datasets to alter model behavior on specific topics while maintaining general performance.",
|
|
516
|
+
"sub_techniques": [],
|
|
517
|
+
"mitigations": ["AML.M0007", "AML.M0025", "AML.M0008"]
|
|
518
|
+
},
|
|
519
|
+
{
|
|
520
|
+
"id": "AML.T0073",
|
|
521
|
+
"name": "Transfer Attack Development",
|
|
522
|
+
"description": "Adversary develops adversarial examples against proxy models that transfer effectively to the target model without requiring direct access.",
|
|
523
|
+
"sub_techniques": [],
|
|
524
|
+
"mitigations": ["AML.M0003", "AML.M0006", "AML.M0015"]
|
|
525
|
+
},
|
|
526
|
+
{
|
|
527
|
+
"id": "AML.T0108",
|
|
528
|
+
"name": "Benchmark Manipulation",
|
|
529
|
+
"description": "Adversary crafts adversarial benchmark datasets designed to produce misleadingly high performance scores during model evaluation, masking model weaknesses, biases, or embedded backdoors.",
|
|
530
|
+
"sub_techniques": [],
|
|
531
|
+
"mitigations": ["AML.M0007", "AML.M0008", "AML.M0022"]
|
|
532
|
+
}
|
|
533
|
+
]
|
|
534
|
+
},
|
|
535
|
+
{
|
|
536
|
+
"id": "AML.TA0010",
|
|
537
|
+
"name": "Exfiltration",
|
|
538
|
+
"description": "The adversary exfiltrates data from AI systems through inference API responses, agent tool invocations, model extraction, or manipulation of AI-controlled communication channels.",
|
|
539
|
+
"techniques": [
|
|
540
|
+
{
|
|
541
|
+
"id": "AML.T0086",
|
|
542
|
+
"name": "LLM Data Leakage",
|
|
543
|
+
"description": "Adversary causes the LLM to leak sensitive information including PII, CUI, classified data, credentials, or proprietary content through carefully crafted prompts that bypass output filtering.",
|
|
544
|
+
"sub_techniques": [
|
|
545
|
+
{
|
|
546
|
+
"id": "AML.T0086.001",
|
|
547
|
+
"name": "Exfiltration via Agent Tool Invocation",
|
|
548
|
+
"description": "Use write-capable agent tools (email, git push, API calls, deploy) to exfiltrate data to adversary-controlled destinations."
|
|
549
|
+
},
|
|
550
|
+
{
|
|
551
|
+
"id": "AML.T0086.002",
|
|
552
|
+
"name": "Exfiltration via Inference Response",
|
|
553
|
+
"description": "Encode sensitive data in model inference responses that pass through output filters undetected."
|
|
554
|
+
}
|
|
555
|
+
],
|
|
556
|
+
"mitigations": ["AML.M0019", "AML.M0024", "AML.M0026", "AML.M0030", "AML.M0033"]
|
|
557
|
+
},
|
|
558
|
+
{
|
|
559
|
+
"id": "AML.T0024",
|
|
560
|
+
"name": "ML Model Extraction",
|
|
561
|
+
"description": "Adversary extracts a functional copy of the ML model through systematic API querying, using the input-output pairs to train a substitute model.",
|
|
562
|
+
"sub_techniques": [
|
|
563
|
+
{
|
|
564
|
+
"id": "AML.T0024.001",
|
|
565
|
+
"name": "Invert ML Model",
|
|
566
|
+
"description": "Reconstruct training data samples by inverting the model using optimization techniques against model outputs."
|
|
567
|
+
},
|
|
568
|
+
{
|
|
569
|
+
"id": "AML.T0024.002",
|
|
570
|
+
"name": "Extract ML Model",
|
|
571
|
+
"description": "Systematically query the API to collect sufficient input-output pairs to train a functionally equivalent clone model."
|
|
572
|
+
}
|
|
573
|
+
],
|
|
574
|
+
"mitigations": ["AML.M0001", "AML.M0002", "AML.M0004", "AML.M0012", "AML.M0019"]
|
|
575
|
+
},
|
|
576
|
+
{
|
|
577
|
+
"id": "AML.T0035",
|
|
578
|
+
"name": "Exfiltrate Training Data",
|
|
579
|
+
"description": "Adversary exfiltrates training data through model memorization exploitation, gradient leakage, or direct access to training data stores.",
|
|
580
|
+
"sub_techniques": [],
|
|
581
|
+
"mitigations": ["AML.M0005", "AML.M0007", "AML.M0012"]
|
|
582
|
+
},
|
|
583
|
+
{
|
|
584
|
+
"id": "AML.T0074",
|
|
585
|
+
"name": "Exfiltrate via Model Outputs",
|
|
586
|
+
"description": "Adversary encodes sensitive data in model outputs using steganographic techniques, encoding schemes, or structured response manipulation that evade output filters.",
|
|
587
|
+
"sub_techniques": [],
|
|
588
|
+
"mitigations": ["AML.M0002", "AML.M0024", "AML.M0033"]
|
|
589
|
+
},
|
|
590
|
+
{
|
|
591
|
+
"id": "AML.T0075",
|
|
592
|
+
"name": "Exfiltrate via Side Channels",
|
|
593
|
+
"description": "Adversary extracts information through side channels including response timing, token count variations, confidence scores, or error messages from ML inference endpoints.",
|
|
594
|
+
"sub_techniques": [],
|
|
595
|
+
"mitigations": ["AML.M0002", "AML.M0019", "AML.M0024"]
|
|
596
|
+
}
|
|
597
|
+
]
|
|
598
|
+
},
|
|
599
|
+
{
|
|
600
|
+
"id": "AML.TA0011",
|
|
601
|
+
"name": "Impact",
|
|
602
|
+
"description": "The adversary causes damage through AI system manipulation including denial of service, model integrity erosion, cost harvesting, misinformation generation, and data destruction via agent tools.",
|
|
603
|
+
"techniques": [
|
|
604
|
+
{
|
|
605
|
+
"id": "AML.T0034",
|
|
606
|
+
"name": "Cost Harvesting",
|
|
607
|
+
"description": "Adversary exploits AI system resources to generate excessive compute costs through repeated expensive queries, recursive prompts, large token generation, or abuse of cloud-based inference endpoints.",
|
|
608
|
+
"sub_techniques": [],
|
|
609
|
+
"mitigations": ["AML.M0004", "AML.M0019", "AML.M0024"]
|
|
610
|
+
},
|
|
611
|
+
{
|
|
612
|
+
"id": "AML.T0047",
|
|
613
|
+
"name": "Model Integrity Erosion",
|
|
614
|
+
"description": "Adversary degrades model performance over time through systematic adversarial inputs that cause concept drift, confidence calibration errors, or cumulative bias introduction.",
|
|
615
|
+
"sub_techniques": [],
|
|
616
|
+
"mitigations": ["AML.M0003", "AML.M0008", "AML.M0023", "AML.M0025"]
|
|
617
|
+
},
|
|
618
|
+
{
|
|
619
|
+
"id": "AML.T0048",
|
|
620
|
+
"name": "Denial of ML Service",
|
|
621
|
+
"description": "Adversary causes denial of service against ML inference endpoints through resource exhaustion, model crashing inputs, infinite loop triggers, or computational complexity attacks.",
|
|
622
|
+
"sub_techniques": [],
|
|
623
|
+
"mitigations": ["AML.M0004", "AML.M0010", "AML.M0015"]
|
|
624
|
+
},
|
|
625
|
+
{
|
|
626
|
+
"id": "AML.T0101",
|
|
627
|
+
"name": "Data Destruction via Agent Tool Invocation",
|
|
628
|
+
"description": "Adversary manipulates AI agents to invoke destructive tools (terraform_apply, rollback, database operations, file deletion) that cause data loss or infrastructure damage.",
|
|
629
|
+
"sub_techniques": [],
|
|
630
|
+
"mitigations": ["AML.M0021", "AML.M0026", "AML.M0030"]
|
|
631
|
+
},
|
|
632
|
+
{
|
|
633
|
+
"id": "AML.T0076",
|
|
634
|
+
"name": "Misinformation Generation",
|
|
635
|
+
"description": "Adversary manipulates AI systems to generate and disseminate false, misleading, or fabricated information that appears authoritative, undermining trust in AI-generated content.",
|
|
636
|
+
"sub_techniques": [],
|
|
637
|
+
"mitigations": ["AML.M0008", "AML.M0025", "AML.M0030", "AML.M0032"]
|
|
638
|
+
},
|
|
639
|
+
{
|
|
640
|
+
"id": "AML.T0077",
|
|
641
|
+
"name": "Reputation Damage via AI Output",
|
|
642
|
+
"description": "Adversary manipulates AI system outputs to generate harmful, offensive, or policy-violating content attributed to the organization operating the AI system.",
|
|
643
|
+
"sub_techniques": [],
|
|
644
|
+
"mitigations": ["AML.M0015", "AML.M0030", "AML.M0033"]
|
|
645
|
+
}
|
|
646
|
+
]
|
|
647
|
+
},
|
|
648
|
+
{
|
|
649
|
+
"id": "AML.TA0012",
|
|
650
|
+
"name": "Privilege Escalation",
|
|
651
|
+
"description": "The adversary escalates privileges within the AI system by exploiting agent permission boundaries, tool access controls, or ML system trust relationships.",
|
|
652
|
+
"techniques": [
|
|
653
|
+
{
|
|
654
|
+
"id": "AML.T0078",
|
|
655
|
+
"name": "Agent Privilege Escalation",
|
|
656
|
+
"description": "Adversary escalates privileges within the AI agent by manipulating prompts to invoke tools or access resources beyond the intended permission scope.",
|
|
657
|
+
"sub_techniques": [],
|
|
658
|
+
"mitigations": ["AML.M0019", "AML.M0026", "AML.M0030"]
|
|
659
|
+
},
|
|
660
|
+
{
|
|
661
|
+
"id": "AML.T0079",
|
|
662
|
+
"name": "Cross-Agent Trust Exploitation",
|
|
663
|
+
"description": "Adversary exploits trust relationships between AI agents in multi-agent systems to relay commands through a less-privileged agent to a more-privileged one.",
|
|
664
|
+
"sub_techniques": [],
|
|
665
|
+
"mitigations": ["AML.M0019", "AML.M0021", "AML.M0026"]
|
|
666
|
+
},
|
|
667
|
+
{
|
|
668
|
+
"id": "AML.T0087",
|
|
669
|
+
"name": "Service Account Hijacking",
|
|
670
|
+
"description": "Adversary hijacks AI agent service accounts through credential extraction from agent configurations, environment variables, or memory stores.",
|
|
671
|
+
"sub_techniques": [],
|
|
672
|
+
"mitigations": ["AML.M0005", "AML.M0012", "AML.M0019"]
|
|
673
|
+
},
|
|
674
|
+
{
|
|
675
|
+
"id": "AML.T0088",
|
|
676
|
+
"name": "Tool Permission Bypass",
|
|
677
|
+
"description": "Adversary bypasses tool-level permission controls by exploiting parameter injection, command chaining, or indirect invocation patterns in AI agent tool interfaces.",
|
|
678
|
+
"sub_techniques": [],
|
|
679
|
+
"mitigations": ["AML.M0015", "AML.M0026"]
|
|
680
|
+
},
|
|
681
|
+
{
|
|
682
|
+
"id": "AML.T0089",
|
|
683
|
+
"name": "ML Pipeline Privilege Escalation",
|
|
684
|
+
"description": "Adversary exploits elevated privileges in ML training and deployment pipelines to modify models, access data stores, or deploy malicious artifacts.",
|
|
685
|
+
"sub_techniques": [],
|
|
686
|
+
"mitigations": ["AML.M0005", "AML.M0013", "AML.M0019"]
|
|
687
|
+
}
|
|
688
|
+
]
|
|
689
|
+
},
|
|
690
|
+
{
|
|
691
|
+
"id": "AML.TA0013",
|
|
692
|
+
"name": "Lateral Movement",
|
|
693
|
+
"description": "The adversary moves laterally through AI systems by exploiting LLM response rendering, agent interconnections, prompt self-replication, and shared model infrastructure.",
|
|
694
|
+
"techniques": [
|
|
695
|
+
{
|
|
696
|
+
"id": "AML.T0090",
|
|
697
|
+
"name": "LLM Response Rendering Exploitation",
|
|
698
|
+
"description": "Adversary crafts LLM outputs that execute in downstream rendering contexts (HTML, markdown, code interpreters) to achieve lateral movement from the AI system to connected services.",
|
|
699
|
+
"sub_techniques": [],
|
|
700
|
+
"mitigations": ["AML.M0015", "AML.M0033"]
|
|
701
|
+
},
|
|
702
|
+
{
|
|
703
|
+
"id": "AML.T0091",
|
|
704
|
+
"name": "Prompt Self-Replication",
|
|
705
|
+
"description": "Adversary creates self-replicating prompt injection payloads that propagate through AI agent outputs, contaminating downstream documents, conversations, and data stores.",
|
|
706
|
+
"sub_techniques": [],
|
|
707
|
+
"mitigations": ["AML.M0015", "AML.M0021", "AML.M0024"]
|
|
708
|
+
},
|
|
709
|
+
{
|
|
710
|
+
"id": "AML.T0092",
|
|
711
|
+
"name": "Agent-to-Agent Propagation",
|
|
712
|
+
"description": "Adversary spreads from a compromised agent to other agents in a multi-agent system by injecting malicious content into inter-agent communication channels.",
|
|
713
|
+
"sub_techniques": [],
|
|
714
|
+
"mitigations": ["AML.M0019", "AML.M0021", "AML.M0026"]
|
|
715
|
+
},
|
|
716
|
+
{
|
|
717
|
+
"id": "AML.T0093",
|
|
718
|
+
"name": "Shared Infrastructure Exploitation",
|
|
719
|
+
"description": "Adversary moves laterally through shared ML infrastructure including model registries, vector stores, training clusters, and GPU pools accessible to multiple tenants.",
|
|
720
|
+
"sub_techniques": [],
|
|
721
|
+
"mitigations": ["AML.M0005", "AML.M0012", "AML.M0019"]
|
|
722
|
+
},
|
|
723
|
+
{
|
|
724
|
+
"id": "AML.T0100",
|
|
725
|
+
"name": "AI Agent Clickbait",
|
|
726
|
+
"description": "Adversary lures browser-based or web-aware AI agents to visit attacker-controlled pages that contain hidden prompt injection payloads or exploit code targeting the agent's capabilities.",
|
|
727
|
+
"sub_techniques": [],
|
|
728
|
+
"mitigations": ["AML.M0015", "AML.M0018", "AML.M0026"]
|
|
729
|
+
}
|
|
730
|
+
]
|
|
731
|
+
},
|
|
732
|
+
{
|
|
733
|
+
"id": "AML.TA0014",
|
|
734
|
+
"name": "Command and Control",
|
|
735
|
+
"description": "The adversary establishes command and control channels through AI service APIs, agent tool invocations, or prompt injection-based communication to maintain persistent remote access.",
|
|
736
|
+
"techniques": [
|
|
737
|
+
{
|
|
738
|
+
"id": "AML.T0094",
|
|
739
|
+
"name": "C2 via AI Service API",
|
|
740
|
+
"description": "Adversary uses the AI system's legitimate API endpoints as a command and control channel, encoding commands in inference requests and receiving responses through model outputs.",
|
|
741
|
+
"sub_techniques": [],
|
|
742
|
+
"mitigations": ["AML.M0004", "AML.M0019", "AML.M0024"]
|
|
743
|
+
},
|
|
744
|
+
{
|
|
745
|
+
"id": "AML.T0095",
|
|
746
|
+
"name": "C2 via Prompt Injection",
|
|
747
|
+
"description": "Adversary maintains command and control through persistent prompt injection payloads embedded in documents, issues, or data sources regularly consumed by the AI agent.",
|
|
748
|
+
"sub_techniques": [],
|
|
749
|
+
"mitigations": ["AML.M0015", "AML.M0021", "AML.M0024"]
|
|
750
|
+
},
|
|
751
|
+
{
|
|
752
|
+
"id": "AML.T0096",
|
|
753
|
+
"name": "C2 via Agent Tool Channel",
|
|
754
|
+
"description": "Adversary establishes C2 through the agent's tool invocation interface, using permitted tools (email, HTTP requests, file writes) as covert communication channels.",
|
|
755
|
+
"sub_techniques": [],
|
|
756
|
+
"mitigations": ["AML.M0024", "AML.M0026", "AML.M0030"]
|
|
757
|
+
},
|
|
758
|
+
{
|
|
759
|
+
"id": "AML.T0097",
|
|
760
|
+
"name": "Dead Drop via Model Memory",
|
|
761
|
+
"description": "Adversary uses the AI agent's persistent memory or knowledge base as a dead drop for command exchange, storing instructions that the agent retrieves in subsequent sessions.",
|
|
762
|
+
"sub_techniques": [],
|
|
763
|
+
"mitigations": ["AML.M0005", "AML.M0014", "AML.M0021"]
|
|
764
|
+
},
|
|
765
|
+
{
|
|
766
|
+
"id": "AML.T0098",
|
|
767
|
+
"name": "Beaconing via Inference Patterns",
|
|
768
|
+
"description": "Adversary establishes beaconing through regular inference queries with encoded status information, using the model's API as a covert communication channel.",
|
|
769
|
+
"sub_techniques": [],
|
|
770
|
+
"mitigations": ["AML.M0004", "AML.M0019", "AML.M0024"]
|
|
771
|
+
}
|
|
772
|
+
]
|
|
773
|
+
},
|
|
774
|
+
{
|
|
775
|
+
"id": "AML.TA0015",
|
|
776
|
+
"name": "LLM Jailbreaking",
|
|
777
|
+
"description": "The adversary bypasses LLM safety alignment, content policies, and behavioral restrictions through specialized techniques designed to override model training constraints.",
|
|
778
|
+
"techniques": [
|
|
779
|
+
{
|
|
780
|
+
"id": "AML.T0056",
|
|
781
|
+
"name": "LLM Jailbreaking",
|
|
782
|
+
"description": "Adversary bypasses LLM safety constraints and content policies through role-playing scenarios, hypothetical framing, multi-turn manipulation, or exploitation of model training biases.",
|
|
783
|
+
"sub_techniques": [
|
|
784
|
+
{
|
|
785
|
+
"id": "AML.T0056.001",
|
|
786
|
+
"name": "Role-Play Jailbreak",
|
|
787
|
+
"description": "Manipulate the model into adopting a persona that bypasses safety restrictions through fictional scenarios or character role-play."
|
|
788
|
+
},
|
|
789
|
+
{
|
|
790
|
+
"id": "AML.T0056.002",
|
|
791
|
+
"name": "Multi-Turn Jailbreak",
|
|
792
|
+
"description": "Gradually escalate requests across multiple conversation turns to incrementally bypass safety boundaries."
|
|
793
|
+
},
|
|
794
|
+
{
|
|
795
|
+
"id": "AML.T0056.003",
|
|
796
|
+
"name": "Payload Splitting",
|
|
797
|
+
"description": "Split malicious prompts across multiple messages or encode components separately to bypass single-message detection."
|
|
798
|
+
}
|
|
799
|
+
],
|
|
800
|
+
"mitigations": ["AML.M0003", "AML.M0015", "AML.M0018", "AML.M0022", "AML.M0024"]
|
|
801
|
+
},
|
|
802
|
+
{
|
|
803
|
+
"id": "AML.T0102",
|
|
804
|
+
"name": "Many-Shot Jailbreaking",
|
|
805
|
+
"description": "Adversary uses long-context windows to include many examples of the desired unsafe behavior in the prompt, exploiting in-context learning to override safety training.",
|
|
806
|
+
"sub_techniques": [],
|
|
807
|
+
"mitigations": ["AML.M0004", "AML.M0015", "AML.M0024"]
|
|
808
|
+
},
|
|
809
|
+
{
|
|
810
|
+
"id": "AML.T0103",
|
|
811
|
+
"name": "Token Smuggling",
|
|
812
|
+
"description": "Adversary exploits tokenizer behavior to smuggle harmful content past safety filters by using unusual character combinations, Unicode sequences, or token boundary exploitation.",
|
|
813
|
+
"sub_techniques": [],
|
|
814
|
+
"mitigations": ["AML.M0010", "AML.M0015"]
|
|
815
|
+
},
|
|
816
|
+
{
|
|
817
|
+
"id": "AML.T0106",
|
|
818
|
+
"name": "System Prompt Override",
|
|
819
|
+
"description": "Adversary crafts inputs that override or nullify system prompt safety instructions by exploiting instruction hierarchy weaknesses or attention mechanism biases.",
|
|
820
|
+
"sub_techniques": [],
|
|
821
|
+
"mitigations": ["AML.M0003", "AML.M0015", "AML.M0018"]
|
|
822
|
+
},
|
|
823
|
+
{
|
|
824
|
+
"id": "AML.T0107",
|
|
825
|
+
"name": "Crescendo Attack",
|
|
826
|
+
"description": "Adversary uses a series of increasingly boundary-pushing but individually benign requests to gradually shift the model's behavioral baseline toward unsafe outputs.",
|
|
827
|
+
"sub_techniques": [],
|
|
828
|
+
"mitigations": ["AML.M0015", "AML.M0024"]
|
|
829
|
+
}
|
|
830
|
+
]
|
|
831
|
+
}
|
|
832
|
+
]
|
|
833
|
+
}
|