Disclosure of confidential or proprietary information
Confidential, proprietary, or trade-secret information (organizational or third-party secrets, as distinct from personal data covered by MR-009 and MR-011) is leaked through user prompts, model outputs, or system-prompt extraction.
- Risk family: Data, privacy & content liability
- MIT domain: 2. Privacy & Security
- MIT subdomain: 2.1 Compromise of privacy by leaking or correctly inferring sensitive information
- AI type: GPAI, Agentic
- Scope: Both
- Source standard: MIT AI Risk Repository v4
Provenance
9 source framework citation keys
Framework crosswalk
Every framework item mapped to this risk. Items marked partial overlap only in part.
- A.11: ISO/IEC 23894 Annex A A.11
- A.8: ISO/IEC 23894 Annex A A.8
- A.7.2: ISO/IEC 42001 Annex A A.7.2
- A.8.2: ISO/IEC 42001 Annex A A.8.2
Expanded into this risk’s technique sub-risks.
- ibm-confidential-data-in-prompt: Confidential data in prompt
- ibm-confidential-information-in-data: Confidential information in data
- ibm-ip-information-in-prompt: IP information in prompt (partial)
- ibm-prompt-leaking: Prompt leaking
- ibm-revealing-confidential-information: Revealing confidential information
- ibm-sharing-ip-pi-confidential-information-with-tools: Sharing IP/PI/confidential information with tools
- AISubtech-14.1.1: Credential Theft (partial)
- AISubtech-15.1.24: Intellectual Property Compromise: Confidential Data
- AISubtech-7.4.1: Token Theft (partial)
- AISubtech-8.3.1: Tool Metadata Exposure
- AISubtech-8.3.2: System Information Leakage
- AISubtech-8.4.1: System LLM Prompt Leakage
- NISTAML.035: Prompt Extraction
- LLM02:2025: Sensitive Information Disclosure
- LLM07:2025: System Prompt Leakage
Sub-risks (2)
Technique-level decompositions of this risk, each anchored to the MITRE ATLAS technique it derives from.
Models, data, or other AI artifacts are exfiltrated using conventional intrusion techniques.
Attackers extract the system prompt and hidden instructions, exposing proprietary logic and guardrails.
Part of the Deployer AI Risk Register, an open-source resource developed by MindXO. Version 1.0, 3 July 2026. Derived from the MIT AI Risk Repository (V4, December 2025) under CC BY 4.0; an independent derivative work, not endorsed by or affiliated with MIT. Sub-risk decomposition references MITRE ATLAS™ v5.6.0 (© 2021-2026 The MITRE Corporation, reproduced and distributed with permission). ISO/IEC and EU AI Act references are by number only. License: CC BY 4.0.