About PromptRiskDB

Overview

Datasets5ATLAS, MIT AI Risk, ATT&CK, CISA KEV, and NVD.

Page buildingSQLitePages are built from cleaned local copies of public records.

ClaimsSource-basedNo incident facts are invented by the page builder.

Details

Dataset sources, attribution, and notes about how pages are built.

PromptRiskDB builds AI security pages from public records. The site connects MITRE ATLAS techniques, mitigations, case studies, MIT AI Risk Repository records, MITRE ATT&CK context, CISA KEV entries, and selected NVD CVE enrichment.

Every page is generated from imported records and saved relationships. The exporter may add headings, summaries, navigation, and source links, but it does not invent incident facts, vulnerability details, or dataset claims.

How pages are built

Pages are built from cleaned local copies of public records and saved connections between them. The page builder adds structure, headings, and labels, but does not create new incident facts or vulnerability claims outside the imported datasets.

Sources and attribution

Original source

CISA Known Exploited Vulnerabilities

CISA KEV marks CVEs that are known to have been exploited and adds vendor, product, remediation, and ransomware context.

Imported asjson-or-csvUpstream refcisagov/kev-dataLicense/termsCC0 1.0Use noteNo endorsement implied by CISA.

Cataloghttps://www.cisa.gov/known-exploited-vulnerabilities-catalog Data repositoryhttps://github.com/cisagov/kev-data

Original source

MIT AI Risk Repository

The MIT AI Risk Repository provides AI risk records, domain taxonomy, causal taxonomy, and publication metadata.

Imported asxlsxUpstream refairisk.mit.edu AI Risk DatabaseLicense/termsCC BY 4.0Use noteMIT AI Risk Initiative attribution required.

Repositoryhttps://airisk.mit.edu/

Original source

MITRE ATLAS Data

ATLAS provides the AI security tactics, techniques, mitigations, and case studies used as the central map for these pages.

Imported asyamlUpstream refmitre-atlas/atlas-data dist/ATLAS.yamlLicense/termsApache-2.0Use noteATLAS data is used with MITRE attribution.

Repositoryhttps://github.com/mitre-atlas/atlas-data ATLAS.yamlhttps://github.com/mitre-atlas/atlas-data/blob/main/dist/ATLAS.yaml Schemahttps://github.com/mitre-atlas/atlas-data/blob/main/dist/schemas/atlas_output_schema.json

Original source

MITRE ATT&CK Enterprise STIX

MITRE ATT&CK Enterprise provides the broader cybersecurity technique, tactic, mitigation, and STIX context linked from ATLAS records.

Imported asstix-jsonUpstream refmitre-attack/attack-stix-data enterprise-attack.jsonLicense/termsMITRE ATT&CK termsUse noteCommercial use allowed with MITRE copyright and license notice.

Repositoryhttps://github.com/mitre-attack/attack-stix-data Enterprise JSONhttps://github.com/mitre-attack/attack-stix-data/blob/master/enterprise-attack/enterprise-attack.json

Original source

NVD CVE API 2.0

NVD enriches selected CVEs with severity, status, references, weakness, and vulnerability detail fields.

Imported asapiUpstream refhttps://services.nvd.nist.gov/rest/json/cves/2.0License/termsNIST public dataUse noteDisplay NVD non-endorsement notice when using API data.

CVE API docshttps://nvd.nist.gov/developers/vulnerabilities Data feedshttps://nvd.nist.gov/vuln/data-feeds