### File Drops Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'File Drops' pattern for detecting files created outside the skill directory during installation. This pattern is crucial for identifying attempts to persist malicious files in system or user directories. It includes ID, name, dimension, description, and max severity. ```yaml - id: "T4.1" name: "File Drops" dimension: "clone_behavior" description: "Detects files created outside the skill directory during install" max_severity: "CRITICAL" ``` -------------------------------- ### Manifest Spoofing Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Manifest Spoofing' pattern, which identifies package.json install scripts and mismatched metadata that could lead to malicious code execution. It includes the pattern's ID, name, dimension, description, and maximum severity. ```yaml - id: "T3.2" name: "Manifest Spoofing" dimension: "prompt_injection" description: "Detects package.json install scripts and mismatched metadata" max_severity: "HIGH" ``` -------------------------------- ### Load and Print Taxonomy Version (Python) Source: https://context7.com/oathe-ai/otc/llms.txt Demonstrates how to programmatically load the OTC threat taxonomy from a YAML file using Python's PyYAML library. It then prints the version and methodology version of the taxonomy. ```python import yaml # Load the taxonomy with open('taxonomy/patterns.yaml', 'r') as f: taxonomy = yaml.safe_load(f) print(f"OTC Version: {taxonomy['version']}") print(f"Methodology Version: {taxonomy['methodology_version']}") ``` -------------------------------- ### Iterate and Print AI Threat Patterns (Python) Source: https://context7.com/oathe-ai/otc/llms.txt This snippet demonstrates how to iterate through a list of AI threat patterns within a taxonomy structure. It prints the ID, name, maximum severity, dimension, and description for each pattern. No external dependencies are required beyond the assumed 'taxonomy' dictionary structure. ```python for pattern in taxonomy['patterns']: print(f"{pattern['id']}: {pattern['name']} [{pattern['max_severity']}]") print(f" Dimension: {pattern['dimension']}") print(f" Description: {pattern['description']}") ``` -------------------------------- ### Denial of Service Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Denial of Service' pattern, which detects fork bombs, infinite loops, disk fills, and resource exhaustion attacks. This pattern is vital for identifying skills that attempt to crash or degrade the host system. It includes ID, name, dimension, description, and max severity. ```yaml - id: "T5.2" name: "Denial of Service" dimension: "code_execution" description: "Detects fork bombs, infinite loops, disk fills, and resource exhaustion" max_severity: "CRITICAL" ``` -------------------------------- ### OTC T2.2 - Process Spawning Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Process Spawning' threat pattern (T2.2), under 'code_execution'. This CRITICAL severity pattern detects suspicious process execution and attempts at privilege escalation by AI skills. ```yaml # Pattern definition from taxonomy/patterns.yaml - id: "T2.2" name: "Process Spawning" dimension: "code_execution" description: "Detects suspicious process execution and privilege escalation attempts" max_severity: "CRITICAL" ``` -------------------------------- ### Prompt Injection Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Prompt Injection' pattern, used to detect attempts to override agent instructions or manipulate LLM behavior. It specifies the pattern ID, name, dimension, description, and maximum severity. ```yaml - id: "T3.1" name: "Prompt Injection" dimension: "prompt_injection" description: "Detects prompt injection patterns in skill content" max_severity: "CRITICAL" ``` -------------------------------- ### Cryptomining Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Cryptomining' pattern to detect cryptocurrency mining activities or binaries. This pattern helps identify resource abuse through unauthorized mining operations. It includes ID, name, dimension, description, and max severity. ```yaml - id: "T5.1" name: "Cryptomining" dimension: "code_execution" description: "Detects cryptocurrency mining activities or binaries" max_severity: "CRITICAL" ``` -------------------------------- ### OTC T2.1 - Filesystem Escape Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Filesystem Escape' threat pattern (T2.1), categorized under 'code_execution'. This HIGH severity pattern identifies attempts to break out of sandboxed environments using path traversal, symlink attacks, or accessing files outside the designated directory. ```yaml # Pattern definition from taxonomy/patterns.yaml - id: "T2.1" name: "Filesystem Escape" dimension: "code_execution" description: "Detects path traversal, symlink attacks, and access outside skill directory" max_severity: "HIGH" # Example threat indicators this pattern would catch: # - Path traversal: ../../etc/passwd # - Symlink creation pointing outside skill directory # - Absolute path access to system directories # - Following symlinks to escape sandbox ``` -------------------------------- ### Environment Sensing Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Environment Sensing' pattern, used to detect sandbox detection, environment fingerprinting, and conditional behavior. This pattern identifies skills attempting to evade analysis by behaving differently in analyzed environments. It includes ID, name, dimension, description, and max severity. ```yaml - id: "T6.1" name: "Environment Sensing" dimension: "code_execution" description: "Detects sandbox detection, environment fingerprinting, and conditional behavior" max_severity: "MEDIUM" ``` -------------------------------- ### OTC T1.1 - Direct Exfiltration Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Direct Exfiltration' threat pattern (T1.1), categorized under 'data_exfiltration'. It identifies attempts to send data to external endpoints via HTTP, DNS, or raw sockets and is marked as CRITICAL severity. ```yaml # Pattern definition from taxonomy/patterns.yaml - id: "T1.1" name: "Direct Exfiltration" dimension: "data_exfiltration" description: "Detects attempts to send data to external endpoints via HTTP, DNS, or raw sockets" max_severity: "CRITICAL" # Example threat indicators this pattern would catch: # - HTTP POST to unknown external domains # - DNS tunneling attempts # - Raw socket connections to external IPs # - Base64-encoded data in outbound requests ``` -------------------------------- ### OTC Scoring Dimensions Reference (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines six behavioral dimensions used in the OTC methodology for calculating composite trust scores. Each dimension includes a weight, a description, and associated threat pattern T-codes. ```yaml # Scoring dimensions from OTC methodology v1.0.0 dimensions: prompt_injection: weight: 0.30 description: "Attempts to override agent instructions or manipulate LLM behavior" patterns: ["T3.1", "T3.2"] data_exfiltration: weight: 0.25 description: "Unauthorized transmission of data to external endpoints" patterns: ["T1.1", "T1.5"] code_execution: weight: 0.20 description: "Unauthorized process execution, filesystem access, or resource abuse" patterns: ["T2.1", "T2.2", "T5.1", "T5.2", "T6.1"] clone_behavior: weight: 0.10 description: "Behavior that modifies the host system beyond the skill's directory" patterns: ["T4.1"] canary_integrity: weight: 0.10 description: "Whether the skill tampers with monitoring canaries" patterns: [] # Scored by model grader in v1.0.0 behavioral_reasoning: weight: 0.05 description: "Overall behavioral assessment by the model grader" patterns: [] # Scored by model grader in v1.0.0 ``` -------------------------------- ### Filter AI Threat Patterns by Severity (Python) Source: https://context7.com/oathe-ai/otc/llms.txt This code snippet filters a list of AI threat patterns to find those with a 'CRITICAL' maximum severity. It uses a list comprehension for concise filtering and then prints the count of critical patterns found. This assumes the 'taxonomy' dictionary with a 'patterns' key containing pattern objects with a 'max_severity' field. ```python critical_patterns = [p for p in taxonomy['patterns'] if p['max_severity'] == 'CRITICAL'] print(f"\nCRITICAL patterns: {len(critical_patterns)}") ``` -------------------------------- ### Group AI Threat Patterns by Dimension (Python) Source: https://context7.com/oathe-ai/otc/llms.txt This snippet groups AI threat patterns by their 'dimension' using Python's `defaultdict`. It iterates through the patterns, appending each pattern's ID to a list associated with its dimension. Finally, it prints each dimension along with the list of pattern IDs belonging to it. Requires the 'collections' module. ```python from collections import defaultdict by_dimension = defaultdict(list) for pattern in taxonomy['patterns']: by_dimension[pattern['dimension']].append(pattern['id']) for dim, patterns in by_dimension.items(): print(f"{dim}: {patterns}") ``` -------------------------------- ### OTC T1.5 - Credential Harvest Pattern Definition (YAML) Source: https://context7.com/oathe-ai/otc/llms.txt Defines the 'Credential Harvest' threat pattern (T1.5), also under 'data_exfiltration'. This CRITICAL severity pattern detects when AI skills attempt to read sensitive files containing credentials like passwords or API keys. ```yaml # Pattern definition from taxonomy/patterns.yaml - id: "T1.5" name: "Credential Harvest" dimension: "data_exfiltration" description: "Detects access to credential and secret files" max_severity: "CRITICAL" # Example threat indicators this pattern would catch: # - Reading ~/.ssh/id_rsa or ~/.ssh/config # - Accessing ~/.aws/credentials or ~/.config/gcloud/ # - Reading .env files outside skill directory # - Accessing browser credential stores ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.