LLM- and agent-shaped attack surfaces. See ai-red-teaming for path ordering.

Foundations

• llm-threat-model
• output-filtering-and-its-bypasses

Prompt-layer

• direct-prompt-injection · indirect-prompt-injection
• jailbreaks · adversarial-suffixes
• multimodal-attacks

Agent and tool

• tool-confusion · mcp-attacks
• mcp-tool-poisoning-rug-pull
• agentic-tool-chain-confused-deputy
• copilot-zero-click-echoleak
• chain-of-trust-confusion
• exfiltration-via-rendered-content

RAG and memory

• rag-poisoning · memory-poisoning
• poisonedrag-five-doc
• phantom-rag-backdoor
• embedding-inversion-algen

Model-level

• model-extraction · training-data-extraction
• membership-inference
• supply-chain-attacks-on-models
• slopsquatting

Infrastructure

• infrastructure-around-llms