Step 4 of 5

AI integration surface

If the application uses AI — LLM API, vector store, agentic system — the AI surface gets its own analysis. Prompt injection, model extraction, training-data leakage, agentic privilege escalation. Each examined as a distinct attack class.

What we look for

Every place the AI surface accepts input that crosses a trust boundary.

What we find

Prompt-injection surfaces the team didn’t know existed; RAG pipelines that leak training data; agentic privileges that escalate further than intended.

What we conclude

The AI surface is a first-class attack surface, scoped into the engagement at the same depth as the rest of the stack.