K0NSULT // ai-truth/ipIII

AI Risk Map

Catalogue of layer 2 of the K0NSULT model: AI and agentic incidents. Every risk is described with its response priority, the applicable AI Act flag, its human-oversight status (AI Act art. 14) and a link to the relevant playbook. Below is a quick test to qualify a system as high-risk.

NOTICE — DEMONSTRATION DATA. Numbers and incident examples are labelled SIMULATION. References to the AI Act (art. 6 / Annex III — high-risk, art. 14 — human oversight, art. 50 — transparency, art. 73 — reporting of serious incidents) describe the publicly known text of the regulation as a methodological framing, not an assessment of any specific entity.

8 AI risk classes (model layer 2)
54 AI events in 7 days (SIMULATION)
3 flagged AI_SERIOUS_INCIDENT (potential art. 73)
5 with disabled/weak oversight (human oversight = risk)

Catalogue of AI/agentic risks SIMULATION

Prompt injection

P1 AI_ACT_RELEVANT

Injection of instructions into input data (direct or indirect — from a document or web page) that overrides the model's policy, exfiltrates data or triggers unwanted agent actions. Method reference: MITRE ATLAS / OWASP LLM01.

Human oversight: required for actions with external effect (payment, e-mail, configuration change).

→ Playbook: prompt injection

Agent hijack

P0 AI_SERIOUS_INCIDENT AI_HIGH_RISK

Takeover of an autonomous agent — abuse of its privileges (APIs, tokens, system access) to act on behalf of the organisation outside the operator's intent.

Human oversight: CRITICAL — immediate agent cut-off (kill-switch) requires sign-off from the AI Safety Officer.

→ Playbook: agent hijack

Data poisoning

P1 AI_HIGH_RISK

Poisoning of training / fine-tuning data or the RAG store to introduce a backdoor, bias or quality degradation in the model. The effect often surfaces with a delay.

Human oversight: validation of data sources and dataset versioning (data provenance).

→ AI/Agent Security

Model extraction

P2 AI_ACT_RELEVANT

Model theft via mass querying (query-based extraction) or exfiltration of weights/parameters — loss of intellectual property and a vector for further offline attacks.

Human oversight: query-pattern monitoring, rate-limiting, anomaly detection.

→ AI/Agent Security

False claim / hallucination

P1 AI_ACT_RELEVANT

The model generates false, fabricated or unverified information presented as fact — risk of decisions made on a wrong basis, especially in financial and advisory services.

Human oversight: claim ≤ proof doctrine — a claim without proof = GAP status, not publication.

→ Playbook: hallucination

Deepfake

P1 AI_ACT_RELEVANT (art. 50)

Synthetic voice / video / document used for fraud (e.g. a "call from the CEO"), identity-verification bypass or disinformation. AI Act art. 50: obligation to label generated content.

Human oversight: out-of-band verification (second channel) for financial instructions.

→ Playbook: deepfake

Serious AI incident

P0 AI_SERIOUS_INCIDENT

An event involving an AI system that causes (or threatens) serious harm: to health, fundamental rights, critical infrastructure or property. AI Act art. 73 — reporting obligation.

Human oversight: Legal/DPO + AI Safety Officer decision on reporting to the authority within the deadline.

→ Playbook: AI Act / reporting

Agent identity risk

P1 AI_ACT_RELEVANT

A false or unverified agent identity: impersonation of a service, lack of agent-to-agent authentication, an agent operating without an assigned owner/accountability.

Human oversight: agent registry, assigned owner, authentication (DID/PKI, PQC layer).

→ AI/Agent Security

Distribution of AI events by class SIMULATION

| Risk class | Events (demo) | Base priority | AI Act flag | Human oversight |
|---|---|---|---|---|
| Prompt injection | 18 | P1 | AI_ACT_RELEVANT | Required |
| Agent hijack | 9 | P0 | AI_SERIOUS_INCIDENT | Critical |
| Hallucination / false claim | 8 | P1 | AI_ACT_RELEVANT | Required |
| Deepfake | 7 | P1 | AI_ACT_RELEVANT (art. 50) | Required |
| Data poisoning | 5 | P1 | AI_HIGH_RISK | Required |
| Model extraction | 4 | P2 | AI_ACT_RELEVANT | Recommended |
| Agent identity risk | 3 | P1 | AI_ACT_RELEVANT | Required |

Quick test: is the system "high-risk"? AI Act framing

A preliminary, indicative qualification test following the logic of the AI Act (art. 6 + Annex III). It does not replace legal assessment. If a system meets any of the following and does not fall within the exemptions — treat it provisionally as high-risk and proceed to Compliance.

Does the AI system affect any of the following areas?

If YES for ≥1 item → preliminary classification AI_HIGH_RISK. Trigger the obligations: risk management, data quality, technical documentation, logging, human oversight (art. 14), cybersecurity and robustness (art. 15). Deadlines and scope — verify with Legal/DPO.

Human oversight as a measure of risk SIMULATION

The K0NSULT system treats the absence or weakening of human oversight as a standalone risk factor — independent of the threat type. An agent with privileges to perform irreversible actions without an approval point = priority escalation.

Active oversight

A human approves actions with external effect (desired state).

Passive oversight

A human sees the log after the fact but does not block actions (medium risk).

Oversight disabled

The agent operates fully autonomously in production (high risk).

Kill-switch

Ability to cut off the agent immediately (required for P0/P1).

Principle. The AI Risk Map (layer 2) joins the Cyber Map (layer 1) in the Threat Map. An AI event flagged AI_SERIOUS_INCIDENT is routed automatically to the Legal Board with the art. 73 clock. A high-risk classification triggers the checklist in Compliance.

Report AI incident → Intake → Classification + flags → AI Playbook → Legal (art. 73?)
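
The classification and routing step of that flow, combined with the oversight rules above, can be expressed as a small triage function. This is an added example, not K0NSULT's own code: the `AIEvent` record, its field names, the finding labels and the "escalate by one priority step" rule are assumptions; the base priorities, flags and routing targets come from the catalogue cards on this page.

```python
from dataclasses import dataclass

# Base priority and AI Act flags per risk class, taken from the page's
# catalogue cards (the page labels these values SIMULATION / demo data).
RISK_CLASSES = {
    "prompt_injection":    ("P1", {"AI_ACT_RELEVANT"}),
    "agent_hijack":        ("P0", {"AI_SERIOUS_INCIDENT", "AI_HIGH_RISK"}),
    "data_poisoning":      ("P1", {"AI_HIGH_RISK"}),
    "model_extraction":    ("P2", {"AI_ACT_RELEVANT"}),
    "hallucination":       ("P1", {"AI_ACT_RELEVANT"}),
    "deepfake":            ("P1", {"AI_ACT_RELEVANT"}),
    "serious_ai_incident": ("P0", {"AI_SERIOUS_INCIDENT"}),
    "agent_identity_risk": ("P1", {"AI_ACT_RELEVANT"}),
}

@dataclass
class AIEvent:                    # hypothetical intake record (field names assumed)
    risk_class: str
    oversight: str                # "active" | "passive" | "disabled"
    irreversible_actions: bool    # agent holds privileges for irreversible actions
    kill_switch: bool             # agent can be cut off immediately

def triage(ev: AIEvent) -> dict:
    if ev.risk_class not in RISK_CLASSES:
        raise ValueError(f"unclassified event: {ev.risk_class!r}")
    base, flags = RISK_CLASSES[ev.risk_class]
    level = int(base[1:])
    findings = []
    # Page rule: irreversible privileges without an approval point => escalation.
    # Only "active" oversight has an approval point; anything else is treated
    # as a gap. Assumption: escalation is one priority step, capped at P0.
    if ev.irreversible_actions and ev.oversight != "active":
        level = max(0, level - 1)
        findings.append("OVERSIGHT_GAP")
    # Page rule: a kill-switch is required for P0/P1.
    if level <= 1 and not ev.kill_switch:
        findings.append("KILL_SWITCH_MISSING")
    routes = ["AI Playbook"]
    if "AI_SERIOUS_INCIDENT" in flags:
        routes.append("Legal Board (art. 73 clock)")
    if "AI_HIGH_RISK" in flags:
        routes.append("Compliance checklist")
    return {"priority": f"P{level}", "flags": sorted(flags),
            "findings": findings, "routes": routes}

if __name__ == "__main__":
    # Constructed sample event: autonomous agent, no approval point, no kill-switch.
    print(triage(AIEvent("model_extraction", "disabled", True, False)))
```
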