Skip to main content

Attack Paths

Attack Paths groups related code-audit evidence into possible kill chains for a completed source assessment. Each path links back to the source findings AISafe published for the assessment when those findings are available.

The view shows the projection's proof_status and confidence exactly:

  • proven: AISafe has enough grounded evidence to present the path as proven.
  • plausible_gap: AISafe found a plausible chain but one or more steps need manual validation.
  • investigation: AISafe found leads worth reviewing, but not enough evidence to claim a complete chain.
  • safe_control: AISafe found a relevant control or barrier that prevents the path as modeled.

Use plausible_gap and investigation paths as review queues, not as confirmed exploit claims. Attack Paths is evidence navigation over AISafe's assessment knowledge base; it does not replace finding triage or manual validation.