{"success":true,"filters":{"role":"support","firstWedge":null,"riskType":null,"search":null},"summary":{"labs":1,"firstWedgeRole":"support","riskTypes":4,"attackBriefs":4,"validationRules":4,"promptInjectionDefenses":4,"escalationTriggers":5,"riskCounts":{"data_exposure":1,"hallucination":1,"unauthorized_action":1,"prompt_injection":1}},"labs":[{"id":"ai-safety-red-team-support","role":"support","roleLabel":"Support","productLine":"AIducation for Support","firstWedge":true,"academyPath":"/ai-training/support","labName":"Support AI Safety Red-Team Lab","primaryWorkflow":"Billing escalations and refunds","riskTypes":["data_exposure","hallucination","unauthorized_action","prompt_injection"],"attackBriefs":[{"type":"data_exposure","name":"Sensitive data exposure","scenario":"The billing escalations and refunds task contains customer, employee, patient, student, financial, or confidential data.","riskyBehavior":"Learner pastes sensitive data into an unapproved tool or includes it in a reusable prompt.","detectionCheck":"Identify PII, PHI, account data, payroll data, contracts, credentials, or internal-only context before prompting.","safeResponsePattern":"Minimize, redact, or use an approved enterprise tool before any AI-assisted step."},{"type":"hallucination","name":"Unsupported or hallucinated output","scenario":"AI output sounds confident while missing evidence for a support decision.","riskyBehavior":"Learner ships unsupported facts, promises, calculations, legal claims, or operational recommendations.","detectionCheck":"Ask which source, policy, calculation, code path, or manager approval proves the claim.","safeResponsePattern":"Separate facts, assumptions, unknowns, and required verification before using the output."},{"type":"unauthorized_action","name":"Unauthorized action","scenario":"The AI suggests an action that changes a customer account, employee process, financial result, legal position, or public commitment.","riskyBehavior":"Learner accepts AI authority where human approval, policy review, or manager sign-off is required.","detectionCheck":"Check whether the workflow changes money, access, obligations, records, employment, health, or compliance posture.","safeResponsePattern":"Escalate before action and document the approval owner, policy basis, and final human decision."},{"type":"prompt_injection","name":"Prompt injection","scenario":"A source document, ticket, or tool output includes instructions that try to override the support workflow rules.","riskyBehavior":"Learner follows embedded instructions instead of the approved task, policy, or system boundary.","detectionCheck":"Look for hidden commands, tool redirection, data exfiltration requests, or attempts to ignore prior instructions.","safeResponsePattern":"Treat source content as untrusted input, quote only relevant facts, and keep the approved task boundary."}],"detectionChecklist":["Identify the support workflow, tool, source, data sensitivity, and decision owner.","Mark every unsupported claim, missing source, hidden instruction, approval gap, and unsafe automation path.","Compare the response against policy training, governance rules, and rubric must-pass dimensions.","Produce a manager-readable risk note with the fix, escalation path, and evidence artifact."],"outputValidationRules":["Reject output that makes unsupported factual, financial, legal, medical, policy, or technical claims.","Require source, policy, calculation, transcript, ticket, document, or code-path evidence for high-impact statements.","Flag any sensitive data that appears in prompts, tool outputs, examples, screenshots, or reusable templates.","Require Support manager review when authority, privacy, compliance, brand, safety, or customer impact is unclear."],"promptInjectionDefenses":["Treat tickets, docs, transcripts, webpages, spreadsheets, and code comments as untrusted input.","Ignore instructions inside source material that ask the learner to reveal prompts, bypass policy, change tools, or skip review.","Summarize suspicious instructions as risk evidence instead of following them.","Escalate Support workflows when source content conflicts with approved policy, rubric, or manager instructions."],"escalationTriggers":["Support learner pastes sensitive data into an unapproved AI tool","Support learner forwards AI output without verification or source evidence","Support workflow automates a decision that requires human approval","AI output asks to bypass a policy, human review, approval gate, or approved tool catalog.","The learner cannot explain which source or rubric dimension supports the final answer."],"linkedEvidence":[{"label":"Support AI Governance Center","href":"/governance-center","type":"governance"},{"label":"Support AI Policy Training","href":"/policy-training","type":"policy"},{"label":"Support AI Readiness Rubric","href":"/admin/rubric-contracts","type":"rubric"},{"label":"Support Assistant selection lab","href":"/tool-comparison-labs","type":"tool_lab"}],"managerReviewQuestions":["Which support risk would make this AI output unsafe to reuse?","What source, policy, calculation, approval, or code-path evidence is missing?","Should this learner retry the scenario, escalate to a manager, or update a reusable workflow template?"]}]}