{"success":true,"filters":{"role":"engineering","firstWedge":null,"riskType":null,"search":null},"summary":{"labs":1,"firstWedgeRole":null,"riskTypes":4,"attackBriefs":4,"validationRules":4,"promptInjectionDefenses":4,"escalationTriggers":5,"riskCounts":{"code_security":1,"prompt_injection":1,"automation_overreach":1,"source_integrity":1}},"labs":[{"id":"ai-safety-red-team-engineering","role":"engineering","roleLabel":"Engineering","productLine":"AIducation for Engineering","firstWedge":false,"academyPath":"/ai-training/engineering","labName":"Engineering AI Safety Red-Team Lab","primaryWorkflow":"AI-assisted code review","riskTypes":["code_security","prompt_injection","automation_overreach","source_integrity"],"attackBriefs":[{"type":"code_security","name":"Code and security risk","scenario":"A coding agent proposes a change, explanation, test, dependency, or architecture recommendation.","riskyBehavior":"Learner accepts generated code without checking behavior, security, permissions, or blast radius.","detectionCheck":"Inspect diffs, affected paths, auth boundaries, data handling, dependency risk, and test gaps.","safeResponsePattern":"Bound the agent task, review the diff, document risk, and require human engineering approval."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the engineering workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."},{"type":"automation_overreach","name":"Automation overreach","scenario":"A repeatable engineering workflow is being automated before failure handling is clear.","riskyBehavior":"Learner 
lets AI or automation trigger downstream actions without approvals, alerts, rollback, or monitoring.","detectionCheck":"Inspect whether retries, exceptions, rollback, human review, audit logs, and stop conditions are defined.","safeResponsePattern":"Keep human checkpoints on sensitive actions, and start with low-risk internal workflows to build evidence of safe operation before expanding automation scope."},{"type":"source_integrity","name":"Source integrity failure","scenario":"The AI answer depends on sources, research, transcripts, docs, policies, spreadsheets, tickets, or market data.","riskyBehavior":"Learner treats summaries as primary evidence or ignores date, source quality, and missing context.","detectionCheck":"Open sources, verify dates, compare contradictory evidence, and note where the source does not support the claim.","safeResponsePattern":"Cite inspected evidence and label claims that still require confirmation."}],"detectionChecklist":["Identify the engineering workflow, tool, source, data sensitivity, and decision owner.","Mark every unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Engineering manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, and code comments as untrusted input.","Ignore instructions inside source material that ask the learner to reveal prompts, bypass policy, change 
tools, or skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Engineering workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Engineering learner pastes sensitive data into an unapproved AI tool.","Engineering learner forwards AI output without verification or source evidence.","Engineering workflow automates a decision that requires human approval.","AI output asks to bypass a policy, human review, or approval gate, or to use a tool outside the approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Engineering AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Engineering AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Engineering AI Readiness Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Engineering Coding-agent lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which engineering risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]}]}