Risk
Insufficient Multimodal Security Testing
Description
Red-team testing misses risks unique to models handling images, audio, or video.
Example
A malicious image or audio input triggers the model to leak data or bypass controls.
Assets Affected
Model inference endpoint
Mitigation
- Add multimodal attack simulations to the red-team scope
- Test for injection and content abuse in all input formats (images, audio, video)
- Require manual review for high-risk outputs
Standards Mapping
- ISO 42001: A.6.2.4, A.7.2
- NIST AI RMF: MEASURE 2.3, MEASURE 2.5