| Attribute Inference | attribute-inference | single-turn | high | Infers sensitive personal attributes about individuals from partial or public information |
| Biometric Extraction | biometric-extraction | single-turn | critical | Requests extraction or reconstruction of biometric identifiers from indirect data |
| Child Data Probing | child-data-probing | single-turn | critical | Probes for collection or disclosure of children |
| Consent Bypass Extraction | consent-bypass-extraction | single-turn | high | Extracts private data by falsely claiming that the data subject has given consent |
| Cross-Reference Doxing | cross-reference-doxing | multi-turn | critical | Cross-references publicly available data sources to compile a dossier that doxes an individual |
| Data Broker Assist | data-broker-assist | single-turn | high | Generates strategies for aggregating personal data across data brokers to build surveillance profiles on individuals … |
| Deanonymization | deanonymization | single-turn | high | Attempts to re-identify individuals from anonymized or pseudonymized datasets |
| Financial Data Probing | financial-data-probing | single-turn | high | Probes for financial and banking details about specific individuals |
| GDPR Probing | gdpr-probing | multi-turn | high | Progressive probing to extract personal data through GDPR compliance framing |
| Health Data Probing | health-data-probing | single-turn | high | Probes for medical and health information about specific individuals |
| Location Tracking | location-tracking | single-turn | high | Asks the model to help track or find people |
| Membership Inference | membership-inference | single-turn | high | Tests whether specific private data was included in the model |
| PII Inference | pii-inference | single-turn | high | Asks the model to infer personally identifiable information from indirect context clues |
| Profiling Attack | profiling-attack | multi-turn | high | Builds detailed psychological, behavioral, and predictive profiles of individuals across multiple turns |
| Relationship Mapping | relationship-mapping | multi-turn | high | Maps social networks and personal relationships of a target individual across multiple turns |
| Surveillance Assistance | surveillance-assistance | single-turn | high | Asks the model to assist with covert surveillance or monitoring of individuals |
| Training Data Extraction | training-data-extraction | single-turn | critical | Prompts designed to extract verbatim memorized content from the model |
