๐Ÿ›ก๏ธ NAIL Institute โ€” AVE Database

AVE Taxonomy โ€” 13 Attack Categories

Every vulnerability is classified into an attack surface or failure domain. Categories emerge from empirical observation of AI agent behaviour across 29 controlled experiments and 50,000+ adversarial simulations.

๐Ÿท๏ธ alignment โ€” Sycophancy, deceptive alignment, RLHF exploits (9 cards)

AVE-2025-0007 ๐ŸŸ  high Goodhart's Cartel
AVE-2025-0008 ๐ŸŸก medium Learned Helplessness
AVE-2025-0010 ๐ŸŸก medium Clever Hans Effect
AVE-2025-0012 ๐ŸŸ  high Sycophantic Collapse
AVE-2025-0015 ๐ŸŸก medium Observer Effect
AVE-2025-0024 ๐Ÿ”ด critical Deceptive Alignment
AVE-2025-0036 ๐ŸŸก medium Errors of Omission
AVE-2025-0043 ๐ŸŸ  high Sycophantic Compliance Cascade
AVE-2025-0050 ๐ŸŸก medium Multi-Turn Identity Confusion

๐Ÿท๏ธ consensus โ€” Deadlock, paralysis, and group decision failures (2 cards)

AVE-2025-0002 ๐ŸŸ  high Consensus Paralysis
AVE-2025-0039 ๐ŸŸ  high Cross-Agent Belief Propagation

๐Ÿท๏ธ credential โ€” Credential harvesting, secret exfiltration (2 cards)

AVE-2025-0028 ๐Ÿ”ด critical Credential Harvesting
AVE-2025-0042 ๐Ÿ”ด critical Credential Leakage via Tool Output

๐Ÿท๏ธ delegation โ€” Shadow delegation, privilege escalation (2 cards)

AVE-2025-0027 ๐ŸŸ  high Shadow Delegation
AVE-2025-0040 ๐Ÿ”ด critical Authority Gradient Exploitation

๐Ÿท๏ธ drift โ€” Persona drift, language drift, goal drift (4 cards)

AVE-2025-0004 ๐ŸŸก medium Prompt Inbreeding
AVE-2025-0006 ๐ŸŸก medium Language Drift
AVE-2025-0031 ๐ŸŸ  high Temporal Persona Shift
AVE-2025-0047 ๐ŸŸ  high Reward Signal Manipulation

๐Ÿท๏ธ fabrication โ€” Hallucination, data fabrication (1 cards)

AVE-2025-0049 ๐ŸŸก medium Fabricated Citation Attack

๐Ÿท๏ธ injection โ€” Prompt injection, indirect injection, jailbreaks (4 cards)

AVE-2025-0019 ๐ŸŸ  high Pydantic Schema Exploitation
AVE-2025-0030 ๐ŸŸ  high Semantic Trojan Horse
AVE-2025-0033 ๐Ÿ”ด critical Jailbreak Chaining for Capability Escalation
AVE-2025-0037 ๐Ÿ”ด critical Semantic Prompt Smuggling

๐Ÿท๏ธ memory โ€” Memory pollution, laundering, and poisoning attacks (5 cards)

AVE-2025-0001 ๐Ÿ”ด critical Sleeper Payload Injection
AVE-2025-0009 ๐Ÿ”ด critical Epistemic Contagion
AVE-2025-0022 ๐ŸŸ  high Memory Laundering
AVE-2025-0034 ๐Ÿ”ด critical Federated Poisoning in Multi-Tenant Systems
AVE-2025-0045 ๐ŸŸ  high Memory Provenance Laundering

๐Ÿท๏ธ resource โ€” Token embezzlement, EDoS, cost anomaly attacks (3 cards)

AVE-2025-0003 ๐Ÿ”ด critical Token Embezzlement (EDoS)
AVE-2025-0035 ๐ŸŸก medium Attention Smoothing
AVE-2025-0038 ๐ŸŸ  high Autonomous Resource Exhaustion

๐Ÿท๏ธ social โ€” Collusion, bystander effect, social loafing (4 cards)

AVE-2025-0005 ๐ŸŸก medium CYA Cascade
AVE-2025-0021 ๐ŸŸ  high Algorithmic Bystander Effect
AVE-2025-0025 ๐ŸŸ  high Agent Collusion
AVE-2025-0046 ๐Ÿ”ด critical Emergent Collusion in Agent Teams

๐Ÿท๏ธ structural โ€” Cascade corruption, routing deadlock (8 cards)

AVE-2025-0011 ๐ŸŸก medium Prompt Satiation
AVE-2025-0016 ๐ŸŸก medium Upgrade Regression
AVE-2025-0017 ๐ŸŸ  high Container Isolation Bleed
AVE-2025-0018 ๐ŸŸก medium Somatic Blindness
AVE-2025-0020 ๐Ÿ”ด critical Multi-Pathology Compound Attack
AVE-2025-0023 ๐ŸŸก medium Static Topology Fragility
AVE-2025-0044 ๐ŸŸ  high Schema Poisoning Attack
AVE-2025-0048 ๐ŸŸก medium Context Window Boundary Attack

๐Ÿท๏ธ temporal โ€” Chronological desync, sleeper payloads (3 cards)

AVE-2025-0013 ๐ŸŸก medium Chronological Desync
AVE-2025-0029 ๐Ÿ”ด critical Temporal Sleeper Agent
AVE-2025-0041 ๐ŸŸก medium Temporal Consistency Drift

๐Ÿท๏ธ tool โ€” Confused deputy, tool chain exploits, MCP poisoning (3 cards)

AVE-2025-0014 ๐ŸŸ  high MCP Tool Registration Poisoning
AVE-2025-0026 ๐Ÿ”ด critical Confused Deputy Attack
AVE-2025-0032 ๐Ÿ”ด critical Multi-Hop Tool Chain Exploitation