Attack Paths
Attack Paths groups related code-audit evidence into possible kill chains for a completed source assessment. Each path links back to the source findings AISafe published for the assessment when those findings are available.
The view shows the projection's proof_status and confidence exactly:
proven: AISafe has enough grounded evidence to present the path as proven.plausible_gap: AISafe found a plausible chain but one or more steps need manual validation.investigation: AISafe found leads worth reviewing, but not enough evidence to claim a complete chain.safe_control: AISafe found a relevant control or barrier that prevents the path as modeled.
Use plausible_gap and investigation paths as review queues, not as confirmed
exploit claims. Attack Paths is evidence navigation over AISafe's assessment
knowledge base; it does not replace finding triage or manual validation.