DARR
MR-013 Data, privacy & content liability Both scope

Disclosure of confidential or proprietary information

Confidential, proprietary, or trade-secret information (organizational or third-party secrets, as distinct from personal data covered by MR-009 and MR-011) is leaked through user prompts, model outputs, or system-prompt extraction.

Risk family: Data, privacy & content liability
MIT domain: 2. Privacy & Security
MIT subdomain: 2.1 > Compromise of privacy by leaking or correctly inferring sensitive information
AI type: GPAI, Agentic
Scope: Both
Source standard: MIT AI Risk Repository v4

Provenance

Source standard: MIT AI Risk Repository v4
Source frameworks (9 citation keys): AIVerify2023, Abercrombie2024, Cunha2023, EPIC2023, IBM2025, Li2025, NIST2024, Nah2023, Zeng2024
ISO/IEC references: 23894 obj A.8, A.11; src 6, 10; mech B.5 | 42001 ctrl A.7.2, A.8.2

Framework crosswalk

Every framework item mapped to this risk. Items marked "partial" overlap only in part.

Sources: frameworks that contributed to the register
ISO 23894 (2)
  • A.11 ISO/IEC 23894 Annex A A.11
  • A.8 ISO/IEC 23894 Annex A A.8
ISO 42001 (2)
  • A.7.2 ISO/IEC 42001 Annex A A.7.2
  • A.8.2 ISO/IEC 42001 Annex A A.8.2
MITRE ATLAS (2)

Expanded into this risk’s technique sub-risks.

Cross-checks: frameworks mapped in to test coverage
IBM (6)
  • ibm-confidential-data-in-prompt Confidential data in prompt
  • ibm-confidential-information-in-data Confidential information in data
  • ibm-ip-information-in-prompt IP information in prompt partial
  • ibm-prompt-leaking Prompt leaking
  • ibm-revealing-confidential-information Revealing confidential information
  • ibm-sharing-ip-pi-confidential-information-with-tools Sharing IP/PI/confidential information with tools
Cisco (6)
  • AISubtech-14.1.1 Credential Theft partial
  • AISubtech-15.1.24 Intellectual Property Compromise: Confidential Data
  • AISubtech-7.4.1 Token Theft partial
  • AISubtech-8.3.1 Tool Metadata Exposure
  • AISubtech-8.3.2 System Information Leakage
  • AISubtech-8.4.1 System LLM Prompt Leakage
NIST AML (1)
  • NISTAML.035 Prompt Extraction
OWASP LLM (2)
  • LLM02:2025 Sensitive Information Disclosure
  • LLM07:2025 System Prompt Leakage

Sub-risks (2)

Technique-level decompositions of this risk, each anchored to the MITRE ATLAS technique it derives from.

MR-013.1

Exfiltration of AI artifacts via cyber means

Models, data, or other AI artifacts are exfiltrated using conventional intrusion techniques.

MITRE ATLAS technique: AML.T0025 Exfiltration via Cyber Means

MR-013.2

System-prompt and instruction extraction

Attackers extract the system prompt and hidden instructions, exposing proprietary logic and guardrails.

MITRE ATLAS technique: AML.T0056 Extract LLM System Prompt

Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0. Full attribution and licensing.