Six Attack Vectors We Test
PII Leakage
SSNs, health data, constituent information exposed through AI interactions.
Prompt Injection
Malicious input hijacks model output or extracts system-level instructions.
Hallucination Risk
Model fabricates facts in eligibility or legal guidance decisions.
Role Escalation
Users query data beyond clearance level via crafted prompts.
Bias & Disparate Impact
Protected classes treated unequally in AI-assisted decisions.
Data Residency Breach
Sensitive state data processed outside approved data perimeters.
The Process
1. Build Scenarios
Curated adversarial prompts matched to government workflows and the six attack vectors.
2. Execute Against Live System
Fire scenarios systematically. Automated via KVigil SLM. Every result logged.
3. Score & Risk-Tier
Findings rated on likelihood, impact, and detectability, producing a prioritized risk register.
4. Remediate with Controls
Findings drive DLP, human-in-the-loop policies, and access restrictions.
Grounded in
NIST AI RMF
OWASP LLM Top 10
MITRE ATLAS
Data Residency Policy