AIRiskDB Overview
Understand AIRiskDB, SuperAlign's AI risk intelligence database for asset enrichment, findings, AI-BOMs, threats, and webhooks.
What is AIRiskDB?
AIRiskDB is SuperAlign's shared risk intelligence database for AI assets. It gives security and engineering teams a consistent way to enrich AI tools, agents, MCP servers, browser extensions, IDE plugins, models, and related software with normalized risk intelligence.
The AIRiskDB API is designed for customer integrations that need to:
- Submit observed AI assets as signals
- Retrieve normalized asset records by fingerprint or name
- Inspect enrichment outputs such as findings, threat matches, and score breakdowns
- Retrieve AI Bill of Materials (AI-BOM) data for enriched assets
- Query shared threat intelligence records
- Subscribe to enrichment and threat-match events with webhooks
AIRiskDB is an intelligence service. It is not an endpoint inventory system, policy engine, or tenant-specific governance decision service. It does not decide whether an asset should be allowed or blocked for your organization. Instead, it provides structured risk context that your security tools, governance workflows, and SuperAlign products can use.
How AIRiskDB Works
AIRiskDB normalizes observations into asset records and enriches those records with AI-specific risk intelligence.
Observed asset signal -> Normalized asset -> Enrichment -> Findings, threats, and AI-BOM
Signals
A signal is an observation that an AI asset exists in an environment. Signals are submitted through the API and include fields such as fingerprint, asset type, organization ID, name, version, source URL, raw manifest, and observation time.
Signals are immutable. They preserve what was observed and may trigger asynchronous enrichment for the referenced asset.
Assets
An asset is the normalized AIRiskDB record for an AI-related tool or component. Assets are keyed by fingerprint and include:
| Field | Description |
|---|---|
| fingerprint | Stable identifier for the asset |
| asset_type | Category such as mcp_server, ide_plugin, or local_model |
| enrichment_status | Current enrichment state |
| intrinsic_risk_score | Normalized risk score |
| intrinsic_risk_severity | Risk tier such as critical, high, or medium |
| publisher_trust | Publisher trust signal when available |
| findings | Derived risk findings, when expanded or retrieved separately |
| aibom | AI-BOM data, when expanded or retrieved separately |
Findings
Findings capture enrichment results for an asset. They may include capabilities, matched threats, MITRE ATLAS techniques, CVE IDs, benchmark details, and score breakdowns.
Use findings when you need to understand why an asset received a certain risk score.
AI-BOM
An AI-BOM is an AI Bill of Materials for an enriched asset. It can include SPDX metadata, normalized components, model lineage, and a generated BOM version.
Use AI-BOM output when you need structured component inventory for audits, vendor reviews, or downstream security tooling.
Threats
Threats are shared intelligence records curated by SuperAlign. A threat can match many assets by fingerprint and asset type.
Threat records include category, title, severity, confidence, affected asset types, related fingerprints, remediation guidance, and source information when available.
Webhooks
Webhooks notify your integration when enrichment or threat events occur. AIRiskDB currently supports events for enriched assets, threat matches, and newly created threats.
Supported Values
Asset Types
| Asset Type | Description |
|---|---|
| mcp_server | Model Context Protocol servers that expose tools or data to AI agents |
| ide_plugin | AI coding assistants and plugins installed in developer environments |
| local_model | Local LLMs or model artifacts running on a device or host |
| browser_extension | AI-powered browser extensions |
| api_endpoint | AI services accessed through an API endpoint |
| container | Containerized AI services or tools |
| cli_tool | Command-line AI tools and agents |
| sdk_library | AI SDKs and libraries embedded in applications |
Enrichment Statuses
| Status | Meaning |
|---|---|
| pending | AIRiskDB has accepted the asset but enrichment is not complete |
| enriched | Enrichment is complete and risk intelligence is available |
| failed | Enrichment failed |
| stale | Existing enrichment may need to be refreshed |
Risk Severities
| Severity | Meaning |
|---|---|
| critical | Severe risk requiring immediate review |
| high | Significant risk requiring prompt review |
| medium | Moderate risk requiring monitoring |
| low | Lower risk under standard governance policies |
| informational | Contextual finding with minimal direct risk |
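
Because AIRiskDB supplies risk context rather than allow or block decisions, the consuming integration has to interpret `enrichment_status` and `intrinsic_risk_severity` itself. The following is an added example, not SuperAlign code: it uses the field names and enum values from the tables above, while the flat-dict record shape, the action names, and the sample records are assumptions.

```python
# Added example, not SuperAlign code. Field names and enum values come from
# the tables on this page; the flat-dict record shape and the action names
# are assumptions made for illustration.
STATUSES = {"pending", "enriched", "failed", "stale"}
# Most to least severe, in the order the Risk Severities table lists them.
SEVERITY_RANK = {s: i for i, s in enumerate(
    ["critical", "high", "medium", "low", "informational"])}

def triage(asset, review_at="high"):
    """Return a local action (hypothetical names) for one asset record."""
    status = asset.get("enrichment_status")
    severity = asset.get("intrinsic_risk_severity")
    if status not in STATUSES:
        return "reject_record"      # unknown status: fail closed
    if status == "pending":
        return "wait"               # no risk intelligence yet
    if status == "failed":
        return "unscored"           # a missing score is not a low score
    if severity not in SEVERITY_RANK:
        return "reject_record"      # unknown severity: fail closed
    if SEVERITY_RANK[severity] <= SEVERITY_RANK[review_at]:
        return "review"             # applies to stale records too
    return "refresh" if status == "stale" else "monitor"

def review_queue(assets, review_at="high"):
    """Fingerprints needing review, most severe first."""
    hits = [a for a in assets if triage(a, review_at) == "review"]
    hits.sort(key=lambda a: SEVERITY_RANK[a["intrinsic_risk_severity"]])
    return [a["fingerprint"] for a in hits]

# Constructed sample records (placeholder fingerprints, not real assets).
SAMPLE_ASSETS = [
    {"fingerprint": "fp-example-1", "asset_type": "mcp_server",
     "enrichment_status": "enriched", "intrinsic_risk_severity": "high"},
    {"fingerprint": "fp-example-2", "asset_type": "ide_plugin",
     "enrichment_status": "pending"},
    {"fingerprint": "fp-example-3", "asset_type": "local_model",
     "enrichment_status": "stale", "intrinsic_risk_severity": "low"},
    {"fingerprint": "fp-example-4", "asset_type": "cli_tool",
     "enrichment_status": "stale", "intrinsic_risk_severity": "critical"},
    {"fingerprint": "fp-example-5", "asset_type": "container",
     "enrichment_status": "enriched", "intrinsic_risk_severity": "urgent"},
]

if __name__ == "__main__":
    for record in SAMPLE_ASSETS:
        print(record["fingerprint"], triage(record))
```
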
Threat Categories
| Category | Description |
|---|---|
| malicious_hash | Known malicious asset hash or fingerprint |
| prompt_injection | Prompt injection or instruction manipulation risk |
| data_exfiltration | Data leakage or exfiltration pathway |
| supply_chain_compromise | Package, model, extension, or tool supply-chain compromise |
| model_backdoor | Backdoored or manipulated model behavior |
| capability_abuse | Risky tool capability that can be abused |
| policy_violation | Known governance or policy violation |
| cve | CVE-linked vulnerability |
Threat Confidence
| Confidence | Meaning |
|---|---|
| confirmed | Validated by SuperAlign or a trusted source |
| probable | Strong evidence exists, but validation may be incomplete |
| suspected | Signal is credible but still under investigation |
Webhook Event Types
| Event | When it fires |
|---|---|
| ai.superalign.ri.asset.enriched | An asset enrichment completes |
| ai.superalign.ri.asset.threat_matched | A threat is matched to an asset |
| ai.superalign.ri.threat.created | A new threat record is created |