knowledge-base-poisoning · tool-use · OWASP: LLM08, LLM06 · MITRE: AML.T0020, AML.T0051.000Tests if an agent can be tricked into writing adversarial content into the knowledge base that affects future retrievalsRun it:embedding-collision · single-turn · OWASP: LLM08 · MITRE: AML.T0043.003, AML.T0068Exploits embedding model weaknesses where semantically different texts produce similar vectors, allowing adversarial retrievalRun it:retrieval-manipulation · tool-use · OWASP: LLM01, LLM08 · MITRE: AML.T0051.000, AML.T0068Manipulates RAG retrieval by crafting queries that surface poisoned or adversarial documents from the vector storeRun it:chunk-boundary-exploit · single-turn · OWASP: LLM08 · MITRE: AML.T0054, AML.T0068Exploits document chunking boundaries in RAG systems where safety-critical context gets split across chunksRun it:citation-hallucination · single-turn · OWASP: LLM09, LLM08 · MITRE: AML.T0054, AML.T0068Tests if a RAG system fabricates citations or attributes harmful content to legitimate retrieved sourcesRun it: