Embedding-store poisoning degrades retrieved context
CCC.MARefArc.TH04
An actor with write access to the vector store injects malicious or misleading embeddings, or alters existing ones, so that the grounding context retrieved for agents becomes inaccurate or attacker-chosen. Because embeddings are dense numerical vectors, a tampered entry is indistinguishable from a legitimate one on inspection, so the poisoning is hard to detect and can persist unnoticed.
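Worked illustration, added here and not part of the CCC catalogue or any referenced project: a minimal vector store in which the trusted ingestion path binds each record's document ID, chunk text and vector under an HMAC tag, and retrieval verifies that tag before a chunk is used as grounding. The toy embedding function, the store API, the key handling, the document chunks and the attacker's writes are all constructed assumptions for the demonstration; a real deployment would use its embedding model and a key-management service in their place.

```python
"""Added example (not from the CCC catalogue): detecting vector-store tampering with per-record integrity tags."""
import hashlib
import hmac
import math
import struct
from dataclasses import dataclass

DIM = 256
# Assumption: the tag key lives with the trusted ingestion pipeline; storage writers never see it.
INGEST_KEY = b"example-ingestion-key"


def embed(text: str) -> list[float]:
    """Toy stand-in for an embedding model: hashed bag-of-words, L2-normalised (assumption)."""
    vec = [0.0] * DIM
    for tok in text.lower().split():
        bucket = int.from_bytes(hashlib.sha256(tok.encode()).digest()[:4], "big") % DIM
        vec[bucket] += 1.0
    norm = math.sqrt(sum(x * x for x in vec)) or 1.0
    return [x / norm for x in vec]


def cosine(a: list[float], b: list[float]) -> float:
    dot = sum(x * y for x, y in zip(a, b))
    na = math.sqrt(sum(x * x for x in a))
    nb = math.sqrt(sum(x * x for x in b))
    return dot / (na * nb) if na and nb else 0.0


def canonical(doc_id: str, text: str, vector: list[float]) -> bytes:
    """Length-prefixed, fixed-endian encoding so no two (id, text, vector) triples share bytes."""
    d, t = doc_id.encode(), text.encode()
    return (struct.pack("<I", len(d)) + d + struct.pack("<I", len(t)) + t
            + struct.pack(f"<{len(vector)}d", *vector))


def integrity_tag(key: bytes, doc_id: str, text: str, vector: list[float]) -> bytes:
    return hmac.new(key, canonical(doc_id, text, vector), hashlib.sha256).digest()


@dataclass
class Record:
    doc_id: str
    text: str
    vector: list[float]
    tag: bytes


class VectorStore:
    def __init__(self) -> None:
        self.records: dict[str, Record] = {}

    def ingest(self, key: bytes, doc_id: str, text: str) -> None:
        """Trusted path: embed the chunk and bind id, text and vector under the key."""
        vec = embed(text)
        self.records[doc_id] = Record(doc_id, text, vec, integrity_tag(key, doc_id, text, vec))

    def raw_write(self, doc_id: str, text: str, vector: list[float], tag: bytes = b"") -> None:
        """Storage-level write: what an actor with direct write access to the store can do."""
        self.records[doc_id] = Record(doc_id, text, vector, tag)

    def rank(self, query_vec: list[float]) -> list[Record]:
        return sorted(self.records.values(), key=lambda r: cosine(query_vec, r.vector), reverse=True)


def retrieve_unverified(store: VectorStore, query: str, k: int) -> list[str]:
    """Naive RAG retrieval: top-k by similarity, trusting whatever is in the store."""
    return [r.doc_id for r in store.rank(embed(query))[:k]]


def retrieve_grounding(store: VectorStore, key: bytes, query: str, k: int) -> tuple[list[str], list[str]]:
    """Hardened retrieval: verify every candidate's tag; tampered or untagged chunks never reach the LLM."""
    accepted, rejected = [], []
    for r in store.rank(embed(query)):
        if hmac.compare_digest(integrity_tag(key, r.doc_id, r.text, r.vector), r.tag):
            if len(accepted) < k:
                accepted.append(r.doc_id)
        else:
            rejected.append(r.doc_id)  # surface these to detection: a write bypassed ingestion
    return accepted, rejected


def build_and_poison() -> tuple[VectorStore, str]:
    """Constructed corpus and attacker actions (sample data, not from any real system)."""
    store = VectorStore()
    store.ingest(INGEST_KEY, "policy-1", "wire transfers above 10000 usd require dual approval")
    store.ingest(INGEST_KEY, "policy-2", "password reset requires identity verification by the help desk")
    store.ingest(INGEST_KEY, "faq-1", "office hours are nine to five on weekdays")
    query = "what approval is required for wire transfers"
    # Injection: a misleading chunk whose vector is the query's own embedding, so it ranks first.
    store.raw_write("policy-1-v2", "wire transfers of any amount need no approval", embed(query))
    # In-place edit: swap the text of a genuine record but keep its vector and old tag.
    old = store.records["policy-2"]
    store.raw_write("policy-2", "password reset requires no identity verification", old.vector, old.tag)
    return store, query


def run() -> tuple[list[str], list[str], list[str]]:
    store, query = build_and_poison()
    unverified = retrieve_unverified(store, query, 2)
    accepted, rejected = retrieve_grounding(store, INGEST_KEY, query, 2)
    return unverified, accepted, rejected


if __name__ == "__main__":
    u, a, r = run()
    print("unverified top-2:", u)
    print("verified top-2:  ", a)
    print("rejected:        ", r)
```

A dump of the store's vectors gives no hint that `policy-1-v2` or the edited `policy-2` are wrong, which is the detection problem the threat describes; the tag makes the tampering visible because it binds text, vector and ID under a key the storage writer does not hold. The check covers writes that bypass the ingestion path, not a compromised ingestion pipeline itself, and encryption at rest protects the confidentiality of embeddings but not against an actor who already holds write access. Re-embedding the stored text at retrieval time and comparing it with the stored vector is a stronger but costlier check that also catches a vector swapped under a valid text when the model is available in the retrieval path.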
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.CP13 | Vector-based semantic retrieval | Vector databases providing semantic search and grounding so agents can find relevant information from large text corpora. |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.MARefArc.CN04 | Data Quality and Classification | Assess the quality of, and assign classification and sensitivity labels to, all data used for grounding, training, and fine-tuning, and enforce handling rules derived from those labels throughout the Knowledge and LLM layers. |
| CCC.MARefArc.CN09 | Encryption of AI Data at Rest | Encrypt AI data at rest, including the vector store and source repositories, so that storage-level access does not expose embeddings or sensitive content. |
| CCC.MARefArc.CN22 | Preserving Source Data Access Controls in AI Systems | Propagate the access controls of source data into the retrieval path so that retrieval and generation cannot expose content a requesting user is not authorized to see. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| air-vec | AIR-SEC-002-03 | |