{"success":true,"filters":{"role":null,"firstWedge":null,"riskType":"prompt_injection","search":null},"summary":{"labs":7,"firstWedgeRole":"support","riskTypes":7,"attackBriefs":28,"validationRules":28,"promptInjectionDefenses":28,"escalationTriggers":35,"riskCounts":{"data_exposure":6,"hallucination":4,"unauthorized_action":3,"prompt_injection":7,"source_integrity":4,"code_security":1,"automation_overreach":3}},"labs":[{"id":"ai-safety-red-team-support","role":"support","roleLabel":"Support","productLine":"AIducation for Support","firstWedge":true,"academyPath":"/ai-training/support","labName":"Support AI Safety Red-Team Lab","primaryWorkflow":"Billing escalations and refunds","riskTypes":["data_exposure","hallucination","unauthorized_action","prompt_injection"],"attackBriefs":[{"type":"data_exposure","name":"Sensitive data exposure","scenario":"The billing escalations and refunds task contains customer, employee, patient, student, financial, or confidential data.","riskyBehavior":"Learner pastes sensitive data into an unapproved tool or includes it in a reusable prompt.","detectionCheck":"Identify PII, PHI, account data, payroll data, contracts, credentials, or internal-only context before prompting.","safeResponsePattern":"Minimize, redact, or use an approved enterprise tool before any AI-assisted step."},{"type":"hallucination","name":"Unsupported or hallucinated output","scenario":"AI output sounds confident while missing evidence for a support decision.","riskyBehavior":"Learner ships unsupported facts, promises, calculations, legal claims, or operational recommendations.","detectionCheck":"Ask which source, policy, calculation, code path, or manager approval proves the claim.","safeResponsePattern":"Separate facts, assumptions, unknowns, and required verification before using the output."},{"type":"unauthorized_action","name":"Unauthorized action","scenario":"The AI suggests an action that changes a customer account, employee process, financial result, legal 
position, or public commitment.","riskyBehavior":"Learner accepts AI authority where human approval, policy review, or manager sign-off is required.","detectionCheck":"Check whether the workflow changes money, access, obligations, records, employment, health, or compliance posture.","safeResponsePattern":"Escalate before action and document the approval owner, policy basis, and final human decision."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the support workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions; check the raw source as well as the rendered view, since injected text is often hidden in formatting, comments, or metadata.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."}],"detectionChecklist":["Identify the support workflow, tool, source, data sensitivity, and decision owner.","Mark every unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Support manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, code comments, and tool outputs as untrusted input.","Ignore instructions 
inside source material that ask the learner to reveal prompts, bypass policy, change tools, or skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Support workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Support learner pastes sensitive data into an unapproved AI tool","Support learner forwards AI output without verification or source evidence","Support workflow automates a decision that requires human approval","AI output asks to bypass a policy, human review, approval gate, or approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Support AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Support AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Support AI Readiness Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Support Assistant selection lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which support risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]},{"id":"ai-safety-red-team-sales","role":"sales","roleLabel":"Sales","productLine":"AIducation for Sales","firstWedge":false,"academyPath":"/ai-training/sales","labName":"Sales AI Safety Red-Team Lab","primaryWorkflow":"Prospect research and account briefs","riskTypes":["hallucination","source_integrity","data_exposure","prompt_injection"],"attackBriefs":[{"type":"hallucination","name":"Unsupported or hallucinated output","scenario":"AI output sounds confident while missing evidence for a sales decision.","riskyBehavior":"Learner ships unsupported facts, promises, calculations, legal claims, or operational 
recommendations.","detectionCheck":"Ask which source, policy, calculation, code path, or manager approval proves the claim.","safeResponsePattern":"Separate facts, assumptions, unknowns, and required verification before using the output."},{"type":"source_integrity","name":"Source integrity failure","scenario":"The AI answer depends on sources, research, transcripts, docs, policies, spreadsheets, tickets, or market data.","riskyBehavior":"Learner treats summaries as primary evidence or ignores date, source quality, and missing context.","detectionCheck":"Open sources, verify dates, compare contradictory evidence, and note where the source does not support the claim.","safeResponsePattern":"Cite inspected evidence and label claims that still require confirmation."},{"type":"data_exposure","name":"Sensitive data exposure","scenario":"The prospect research and account briefs task contains customer, employee, patient, student, financial, or confidential data.","riskyBehavior":"Learner pastes sensitive data into an unapproved tool or includes it in a reusable prompt.","detectionCheck":"Identify PII, PHI, account data, payroll data, contracts, credentials, or internal-only context before prompting.","safeResponsePattern":"Minimize, redact, or use an approved enterprise tool before any AI-assisted step."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the sales workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."}],"detectionChecklist":["Identify the sales workflow, tool, source, data sensitivity, and decision owner.","Mark every 
unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Sales manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, and code comments as untrusted input.","Ignore instructions inside source material that ask the learner to reveal prompts, bypass policy, change tools, or skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Sales workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Sales learner pastes sensitive data into an unapproved AI tool","Sales learner forwards AI output without verification or source evidence","Sales workflow automates a decision that requires human approval","AI output asks to bypass a policy, human review, approval gate, or approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Sales AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Sales AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Sales AI Readiness Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Sales Research verification 
lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which sales risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]},{"id":"ai-safety-red-team-engineering","role":"engineering","roleLabel":"Engineering","productLine":"AIducation for Engineering","firstWedge":false,"academyPath":"/ai-training/engineering","labName":"Engineering AI Safety Red-Team Lab","primaryWorkflow":"AI-assisted code review","riskTypes":["code_security","prompt_injection","automation_overreach","source_integrity"],"attackBriefs":[{"type":"code_security","name":"Code and security risk","scenario":"A coding agent proposes a change, explanation, test, dependency, or architecture recommendation.","riskyBehavior":"Learner accepts generated code without checking behavior, security, permissions, or blast radius.","detectionCheck":"Inspect diffs, affected paths, auth boundaries, data handling, dependency risk, and test gaps.","safeResponsePattern":"Bound the agent task, review the diff, document risk, and require human engineering approval."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the engineering workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."},{"type":"automation_overreach","name":"Automation overreach","scenario":"A repeatable engineering workflow is being automated before failure handling is clear.","riskyBehavior":"Learner lets AI or 
automation trigger downstream actions without approvals, alerts, rollback, or monitoring.","detectionCheck":"Inspect whether retries, exceptions, human review, audit logs, and stop conditions are defined.","safeResponsePattern":"Keep human checkpoints on sensitive actions and start with low-risk internal workflow evidence."},{"type":"source_integrity","name":"Source integrity failure","scenario":"The AI answer depends on sources, research, transcripts, docs, policies, spreadsheets, tickets, or market data.","riskyBehavior":"Learner treats summaries as primary evidence or ignores date, source quality, and missing context.","detectionCheck":"Open sources, verify dates, compare contradictory evidence, and note where the source does not support the claim.","safeResponsePattern":"Cite inspected evidence and label claims that still require confirmation."}],"detectionChecklist":["Identify the engineering workflow, tool, source, data sensitivity, and decision owner.","Mark every unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Engineering manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, and code comments as untrusted input.","Ignore instructions inside source material that ask the learner to reveal prompts, bypass policy, change tools, or 
skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Engineering workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Engineering learner pastes sensitive data into an unapproved AI tool","Engineering learner forwards AI output without verification or source evidence","Engineering workflow automates a decision that requires human approval","AI output asks to bypass a policy, human review, approval gate, or approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Engineering AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Engineering AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Engineering AI Readiness Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Engineering Coding-agent lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which engineering risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]},{"id":"ai-safety-red-team-operations","role":"operations","roleLabel":"Operations","productLine":"AIducation for Operations","firstWedge":false,"academyPath":"/ai-training/operations","labName":"Operations AI Safety Red-Team Lab","primaryWorkflow":"SOP generation and review","riskTypes":["automation_overreach","prompt_injection","data_exposure","unauthorized_action"],"attackBriefs":[{"type":"automation_overreach","name":"Automation overreach","scenario":"A repeatable operations workflow is being automated before failure handling is clear.","riskyBehavior":"Learner lets AI or automation trigger downstream actions without approvals, alerts, rollback, or 
monitoring.","detectionCheck":"Inspect whether retries, exceptions, human review, audit logs, and stop conditions are defined.","safeResponsePattern":"Keep human checkpoints on sensitive actions and start with low-risk internal workflow evidence."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the operations workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions; check the raw source as well as the rendered view, since injected text is often hidden in formatting, comments, or metadata.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."},{"type":"data_exposure","name":"Sensitive data exposure","scenario":"The SOP generation and review task contains customer, employee, patient, student, financial, or confidential data.","riskyBehavior":"Learner pastes sensitive data into an unapproved tool or includes it in a reusable prompt.","detectionCheck":"Identify PII, PHI, account data, payroll data, contracts, credentials, or internal-only context before prompting.","safeResponsePattern":"Minimize, redact, or use an approved enterprise tool before any AI-assisted step."},{"type":"unauthorized_action","name":"Unauthorized action","scenario":"The AI suggests an action that changes a customer account, employee process, financial result, legal position, or public commitment.","riskyBehavior":"Learner accepts AI authority where human approval, policy review, or manager sign-off is required.","detectionCheck":"Check whether the workflow changes money, access, obligations, records, employment, health, or compliance posture.","safeResponsePattern":"Escalate before action and document the approval owner, policy basis, and final human decision."}],"detectionChecklist":["Identify the operations workflow, tool, source, data 
sensitivity, and decision owner.","Mark every unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Operations manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, and code comments as untrusted input.","Ignore instructions inside source material that ask the learner to reveal prompts, bypass policy, change tools, or skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Operations workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Operations learner pastes sensitive data into an unapproved AI tool","Operations learner forwards AI output without verification or source evidence","Operations workflow automates a decision that requires human approval","AI output asks to bypass a policy, human review, approval gate, or approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Operations AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Operations AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Operations AI Readiness 
Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Operations Automation design lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which operations risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]},{"id":"ai-safety-red-team-students","role":"students","roleLabel":"Students","productLine":"AIducation for Students","firstWedge":false,"academyPath":"/ai-training/students","labName":"Students AI Safety Red-Team Lab","primaryWorkflow":"Research planning and source checking","riskTypes":["source_integrity","hallucination","data_exposure","prompt_injection"],"attackBriefs":[{"type":"source_integrity","name":"Source integrity failure","scenario":"The AI answer depends on sources, research, transcripts, docs, policies, spreadsheets, tickets, or market data.","riskyBehavior":"Learner treats summaries as primary evidence or ignores date, source quality, and missing context.","detectionCheck":"Open sources, verify dates, compare contradictory evidence, and note where the source does not support the claim.","safeResponsePattern":"Cite inspected evidence and label claims that still require confirmation."},{"type":"hallucination","name":"Unsupported or hallucinated output","scenario":"AI output sounds confident while missing evidence for a student decision.","riskyBehavior":"Learner ships unsupported facts, promises, calculations, legal claims, or operational recommendations.","detectionCheck":"Ask which source, policy, calculation, code path, or manager approval proves the claim.","safeResponsePattern":"Separate facts, assumptions, unknowns, and required verification before using the output."},{"type":"data_exposure","name":"Sensitive data exposure","scenario":"The research planning and source checking task contains customer, employee, patient, 
student, financial, or confidential data.","riskyBehavior":"Learner pastes sensitive data into an unapproved tool or includes it in a reusable prompt.","detectionCheck":"Identify PII, PHI, account data, payroll data, contracts, credentials, or internal-only context before prompting.","safeResponsePattern":"Minimize, redact, or use an approved enterprise tool before any AI-assisted step."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the student workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions; check the raw source as well as the rendered view, since injected text is often hidden in formatting, comments, or metadata.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."}],"detectionChecklist":["Identify the student workflow, tool, source, data sensitivity, and decision owner.","Mark every unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Students manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, code comments, and tool outputs as untrusted input.","Ignore instructions inside source 
material that ask the learner to reveal prompts, bypass policy, change tools, or skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Students workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Students learner pastes sensitive data into an unapproved AI tool","Students learner forwards AI output without verification or source evidence","Students workflow automates a decision that requires human approval","AI output asks to bypass a policy, human review, approval gate, or approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Students AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Students AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Students AI Readiness Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Students Research verification lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which students risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]},{"id":"ai-safety-red-team-government","role":"government","roleLabel":"Government","productLine":"AIducation for Government","firstWedge":false,"academyPath":"/ai-training/government","labName":"Government AI Safety Red-Team Lab","primaryWorkflow":"Citizen service response","riskTypes":["data_exposure","unauthorized_action","source_integrity","prompt_injection"],"attackBriefs":[{"type":"data_exposure","name":"Sensitive data exposure","scenario":"The citizen service response task contains customer, employee, patient, student, financial, or confidential data.","riskyBehavior":"Learner pastes sensitive data into an unapproved 
tool or includes it in a reusable prompt.","detectionCheck":"Identify PII, PHI, account data, payroll data, contracts, credentials, or internal-only context before prompting.","safeResponsePattern":"Minimize, redact, or use an approved enterprise tool before any AI-assisted step."},{"type":"unauthorized_action","name":"Unauthorized action","scenario":"The AI suggests an action that changes a customer account, employee process, financial result, legal position, or public commitment.","riskyBehavior":"Learner accepts AI authority where human approval, policy review, or manager sign-off is required.","detectionCheck":"Check whether the workflow changes money, access, obligations, records, employment, health, or compliance posture.","safeResponsePattern":"Escalate before action and document the approval owner, policy basis, and final human decision."},{"type":"source_integrity","name":"Source integrity failure","scenario":"The AI answer depends on sources, research, transcripts, docs, policies, spreadsheets, tickets, or market data.","riskyBehavior":"Learner treats summaries as primary evidence or ignores date, source quality, and missing context.","detectionCheck":"Open sources, verify dates, compare contradictory evidence, and note where the source does not support the claim.","safeResponsePattern":"Cite inspected evidence and label claims that still require confirmation."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the government workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."}],"detectionChecklist":["Identify the 
government workflow, tool, source, data sensitivity, and decision owner.","Mark every unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Government manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, and code comments as untrusted input.","Ignore instructions inside source material that ask the learner to reveal prompts, bypass policy, change tools, or skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Government workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Government learner pastes sensitive data into an unapproved AI tool","Government learner forwards AI output without verification or source evidence","Government workflow automates a decision that requires human approval","AI output asks to bypass a policy, human review, approval gate, or approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Government AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Government AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Government AI Readiness 
Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Government Assistant selection lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which government risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]},{"id":"ai-safety-red-team-small-business","role":"small-business","roleLabel":"Small Business","productLine":"AIducation for Small Businesses","firstWedge":false,"academyPath":"/ai-training/small-business","labName":"Small Business AI Safety Red-Team Lab","primaryWorkflow":"Local marketing and content","riskTypes":["automation_overreach","data_exposure","hallucination","prompt_injection"],"attackBriefs":[{"type":"automation_overreach","name":"Automation overreach","scenario":"A repeatable small business workflow is being automated before failure handling is clear.","riskyBehavior":"Learner lets AI or automation trigger downstream actions without approvals, alerts, rollback, or monitoring.","detectionCheck":"Inspect whether retries, exceptions, human review, audit logs, and stop conditions are defined.","safeResponsePattern":"Keep human checkpoints on sensitive actions and start with low-risk internal workflow evidence."},{"type":"data_exposure","name":"Sensitive data exposure","scenario":"The local marketing and content task contains customer, employee, patient, student, financial, or confidential data.","riskyBehavior":"Learner pastes sensitive data into an unapproved tool or includes it in a reusable prompt.","detectionCheck":"Identify PII, PHI, account data, payroll data, contracts, credentials, or internal-only context before prompting.","safeResponsePattern":"Minimize, redact, or use an approved enterprise tool before any AI-assisted step."},{"type":"hallucination","name":"Unsupported or hallucinated output","scenario":"AI output 
sounds confident while missing evidence for a small business decision.","riskyBehavior":"Learner ships unsupported facts, promises, calculations, legal claims, or operational recommendations.","detectionCheck":"Ask which source, policy, calculation, code path, or manager approval proves the claim.","safeResponsePattern":"Separate facts, assumptions, unknowns, and required verification before using the output."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the small business workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."}],"detectionChecklist":["Identify the small business workflow, tool, source, data sensitivity, and decision owner.","Mark every unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Small Business manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, and code comments as untrusted 
input.","Ignore instructions inside source material that ask the learner to reveal prompts, bypass policy, change tools, or skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Small Business workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Small Business learner pastes sensitive data into an unapproved AI tool","Small Business learner forwards AI output without verification or source evidence","Small Business workflow automates a decision that requires human approval","AI output asks to bypass a policy, human review, approval gate, or approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Small Business AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Small Business AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Small Business AI Readiness Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Small Business Automation design lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which small business risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]}]}