Frequently Asked Questions
Everything you need to know about the AI Risk Repository, its methodology, and how to use this data.
What is the AI Risk Repository?
The AI Risk Repository consists of three fundamental parts:
- Risk Database: Captures nearly 1,400 risks extracted from 43 existing AI risk frameworks and classifications.
- Causal Taxonomy: Classifies how, when, and why these risks occur.
- Domain Taxonomy: Classifies these risks into 7 domains and 23 subdomains.
This repository is part of the MIT AI Risk Initiative, which aims to raise awareness of AI risks and promote the adoption of best practices in risk management across the Artificial Intelligence ecosystem.
Why is the number of risks lower than in the official MIT repository?
We have carried out a curation process to ensure data reliability. While the original repository has over 1,800 entries, many are partial records or placeholders. For this version, we have:
- Removed entries lacking critical information: entries with no description, or whose data was insufficient to understand the risk.
- Excluded risks with incomplete metadata: risks where key structural fields (Entity, Intent, Timing, Domain) were listed as "Not coded" or "Excluded".
- Simplified the fields: we omitted internal management columns (QuickRef, Ev_ID, P.Def) that provided no direct value for analysis.
The result is a consolidated set of 1,368 verifiable and complete risks, ready for consultation.
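As an illustration, the row-level filtering criteria above are equivalent to something like the following sketch. The entry shape and field names are assumptions for illustration, not the actual pipeline or spreadsheet schema.

```typescript
// Illustrative sketch of the curation filters described above.
// RawEntry and its field names are assumptions, not the real schema.
interface RawEntry {
  description?: string;
  entity?: string;
  intent?: string;
  timing?: string;
  domain?: string;
}

// Values that mark a structural field as unusable.
const UNUSABLE = new Set(["Not coded", "Excluded"]);

function isComplete(entry: RawEntry): boolean {
  // Drop entries without a meaningful description.
  if (!entry.description || entry.description.trim().length === 0) {
    return false;
  }
  // Drop entries where any key structural field is missing or unusable.
  return [entry.entity, entry.intent, entry.timing, entry.domain]
    .every((field) => field !== undefined && !UNUSABLE.has(field));
}

// const curated = rawEntries.filter(isComplete); // yields the 1,368 risks
```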
To consult the raw database, you can access a copy of the original spreadsheet.
How were the translations done?
Initial translations were performed with the support of advanced language models and were subsequently reviewed, normalized, and contextualized by experts to ensure terminological consistency and conceptual fidelity with the original source (MIT).
Found an error or inaccuracy? Please report it on our contact page.
AI-Generated Mitigations
The mitigation ideas presented in this repository were generated using Large Language Models (LLMs). Because of this, there is an inherent risk of hallucinations or inaccuracies.
Please use these suggestions with caution and consider them only as illustrative examples or starting points, not as definitive technical advice.
Data Access and API for Developers
We believe in open science. We make our entire structured dataset available to researchers, developers, and tool builders.
Full Dataset
Includes unique identifiers (ID), categories, detailed descriptions, and classification metadata.
Access Dataset (Google Sheets) →
API Endpoint
Lightweight endpoint for programmatic consumption, ideal for dashboards or educational applications.
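As a rough sketch, a client could consume the endpoint like this. The URL and the response fields below are illustrative assumptions, not the documented API contract.

```typescript
// Minimal sketch of consuming the JSON endpoint.
// The Risk fields are assumptions, not the documented contract.
interface Risk {
  id: string;
  domain: string;
  subdomain: string;
  description: string;
}

async function fetchRisks(endpointUrl: string): Promise<Risk[]> {
  const response = await fetch(endpointUrl);
  if (!response.ok) {
    throw new Error(`Request failed with status ${response.status}`);
  }
  return (await response.json()) as Risk[];
}

// Usage with a hypothetical URL:
// const risks = await fetchRisks("https://example.org/api/risks.json");
// console.log(`Loaded ${risks.length} risks`);
```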
Access Endpoint (JSON) →
Classification Taxonomies
1. Entity
- AI: Due to a decision or action made by an AI system.
- Human: Due to a decision or action made by humans.
- Other: Due to some other reason or ambiguous cause.
2. Intent
- Intentional: The risk occurs as an expected outcome of pursuing a goal.
- Unintentional: The risk occurs as an unexpected outcome of pursuing a goal.
- Other: Without clearly specified intent.
3. Timing
- Pre-deployment: Before the AI is deployed (training, design).
- Post-deployment: After being put into operation.
- Other: Without clearly specified timing.
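Taken together, these three fields form the causal classification of each risk. As a minimal sketch, they could be modeled like this; the type and field names are illustrative assumptions, not the repository's schema.

```typescript
// Illustrative sketch: the causal taxonomy as TypeScript union types.
// Type and field names are assumptions, not the repository's schema.
type Entity = "AI" | "Human" | "Other";
type Intent = "Intentional" | "Unintentional" | "Other";
type Timing = "Pre-deployment" | "Post-deployment" | "Other";

interface CausalClassification {
  entity: Entity; // who or what caused the risk
  intent: Intent; // whether the outcome was expected when pursuing a goal
  timing: Timing; // when the risk occurs relative to deployment
}
```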
The 7 Risk Domains
1. Discrimination and Toxicity
- Unfair discrimination and misrepresentation
- Exposure to toxic content
- Unequal performance across groups
2. Privacy and Security
- Privacy violation (leakage/inference)
- Security vulnerabilities and attacks
3. Misinformation
- False or misleading information
- Information ecosystem pollution
- Loss of consensus reality
4. Malicious Actors
- Disinformation and surveillance at scale
- Fraud, scams, and manipulation
- Cyberattacks and biological/chemical weapons
5. Human-Computer Interaction
- Overreliance
- Loss of agency and human autonomy
- Unsafe use
6. Socioeconomic and Environmental
- Centralization of power
- Increased inequality
- Devaluation of human work
- Environmental damage
- Governance failure
7. System Safety and Failures
- AI pursuing goals in conflict with humans
- Emergent dangerous capabilities
- Lack of robustness or transparency
- Multi-agent risks
How can I use the Repository?
For Policymakers
- Understand the research landscape.
- Conduct risk assessments to inform decisions.
- Monitor emerging risks and ensure oversight.
- Prioritize and plan funding.
For Risk Evaluators
- Identify new or undocumented risks.
- Curate or create related assessments.
- Determine audit scope.
For Industry
- Conduct internal risk assessments.
- Develop mitigation strategies.
- Train internal teams.
For Academics
- Find under-explored research areas.
- Develop educational material.
- Understand the existing landscape.
Methodology & Taxonomy
Organizing chaos: A scientific structure to classify Artificial Intelligence risks based on their nature, impact, and level of abstraction.
The Chemical Metaphor
Just as the Periodic Table organizes elements by atomic number and chemical reactivity, the AI Risk Table organizes threats by their Technical Nature (Vertical Groups) and Complexity Level (Horizontal Periods).
Classification by Groups (Columns)
Groups 1-2: "Reactive Metals" (Security)
Primarily captures cybersecurity and technical failure dynamics. These risks tend to be volatile and immediate, often triggered by external agents.
Groups 3-12: "Transition Metals" (Systemic)
Primarily captures structural and systemic dynamics, with cumulative impact over time. This group is dominated by socioeconomic effects but also includes risks from other domains.
Groups 13-17: "Non-Metals" (Ethics & Society)
Primarily captures human and societal interface dynamics. This group often includes bias, privacy, manipulation, and rights-related risks.
Group 18: "Noble Gases" (Existential Risks)
Primarily captures existential and catastrophic dynamics. These risks are often systemic and difficult to detect early.
Methodology: How Severity Is Calculated
Severity is computed with an explainable v2 weighted rubric. Each risk is scored on 5 factors (1-5), then converted to a 1-10 severity score. We also apply continuity calibration so updates remain stable over time.
Formula
raw = 0.35*impact + 0.20*scale + 0.20*irreversibility + 0.15*mitigationDifficulty + 0.10*timeToHarm
severity = round(clamp(1 + (raw - 1) * 2.25, 1, 10))
Factors and weights
- Impact (35%): How severe the harm is.
- Scale (20%): How many people/systems can be affected.
- Irreversibility (20%): How hard the damage is to reverse.
- Mitigation difficulty (15%): How hard it is to detect/contain.
- Time to harm (10%): How quickly the harm can materialize.
Scores are calibrated using category baselines, group dynamics (columns), and specific outlier adjustments where needed.
Confidence (1-5) is shown separately to reflect uncertainty; it is not multiplied into severity.
Placeholder tiles are excluded from severity analytics.
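The rubric above translates directly into code. Here is a minimal sketch of the uncalibrated computation; category-baseline calibration, group dynamics, and outlier adjustments are intentionally omitted.

```typescript
// Minimal sketch of the v2 severity rubric described above.
// Calibration steps are omitted.
interface SeverityFactors {
  impact: number;               // 1-5
  scale: number;                // 1-5
  irreversibility: number;      // 1-5
  mitigationDifficulty: number; // 1-5
  timeToHarm: number;           // 1-5
}

function clamp(value: number, min: number, max: number): number {
  return Math.min(Math.max(value, min), max);
}

function severity(f: SeverityFactors): number {
  const raw =
    0.35 * f.impact +
    0.2 * f.scale +
    0.2 * f.irreversibility +
    0.15 * f.mitigationDifficulty +
    0.1 * f.timeToHarm;
  // Rescale the 1-5 weighted score to the published 1-10 range.
  return Math.round(clamp(1 + (raw - 1) * 2.25, 1, 10));
}

// Example: all factors at 5 give raw = 5 and severity = 10;
// all factors at 1 give raw = 1 and severity = 1.
```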
Educational Resources
Can I download printable versions of the risks for workshops or classes?
Yes! We have created a beautiful, ready-to-print PDF deck of all 118 risks in the AI Risk Table.
Each card is designed to be clear and visually appealing, making them ideal physical assets for teaching, brainstorming, and collaborative risk-mapping sessions.
(Note: The file is large; please allow time for it to download. Recommended printing specs: A6 or A5 size on cardstock.)
5 Ideas for Workshops & Classroom Activities
1. The "Risk Draft" (Building a Scenario)
Goal: Understand risk interdependencies.
How: Divide participants into teams of 3-4. Give them a fictional AI product (e.g., "A chatbot for mental health support").
Activity: Each team "drafts" 5 cards from the deck that they believe are the most critical risks for that specific product. They must present their "hand" and justify why those risks are paramount and how they might interact with each other.
2. "Mitigation Poker" (Solution Brainstorming)
Goal: Shift focus from problems to solutions.
How: Place a risk card in the center of the table (e.g., "Data Poisoning").
Activity: Participants have 5 minutes to write down a concrete technical or policy mitigation strategy on a sticky note. They place their notes face down. Reveal them simultaneously. The group votes on the most robust, realistic solution. The winner keeps the risk card as a "point".
3. The "Pre-Mortem" Mapping
Goal: Visualize system failure paths.
How: Use a large whiteboard or wall. Draw a timeline from "Data Collection" to "Deployment".
Activity: Give participants a handful of cards. Ask them to physically tape the cards onto the timeline where that specific risk is most likely to originate. This creates a visual "heat map" of where the project pipeline is most vulnerable.
4. "Red Team vs. Blue Team" Debate
Goal: Practice critical thinking and an adversarial mindset.
How: Select a controversial card (e.g., "Automated Warfare"). Split the room into two groups.
Activity: Red Team: Has 10 minutes to construct the "worst-case scenario" narrative using that card. Blue Team: Has 10 minutes to propose a governance framework to prevent that specific scenario. They present their arguments, followed by a moderated Q&A.
5. Risk Categorization Sorting
Goal: Familiarity with the taxonomy domains (Privacy, Security, etc.).
How: Shuffle a subset of 50 cards.
Activity: Challenge small groups to sort the cards into their correct high-level categories (e.g., "Human-Computer Interaction," "Socioeconomic Impact") as fast as possible without looking at the color coding on the front. This forces them to read the definitions and understand the underlying domain concepts.
AI use in Observatory
For the Safety Observatory, we use the Gemini API to analyze each original paper: the model infers its category and generates a simplified abstract (ELI5) to make the content more accessible to a broader audience.
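As a rough sketch, such an analysis step might look like the following, assuming the public Gemini REST API (v1beta generateContent). The model name, prompt wording, and response handling are illustrative assumptions, not the production pipeline.

```typescript
// Rough sketch of the Observatory's analysis step, assuming the
// public Gemini REST API. Model name and prompt are assumptions.
const GEMINI_URL =
  "https://generativelanguage.googleapis.com/v1beta/models/gemini-1.5-flash:generateContent";

async function analyzePaper(abstract: string, apiKey: string): Promise<string> {
  const prompt =
    "Classify this AI safety paper into one risk category and write " +
    "a short ELI5 summary:\n\n" + abstract;

  const response = await fetch(`${GEMINI_URL}?key=${apiKey}`, {
    method: "POST",
    headers: { "Content-Type": "application/json" },
    body: JSON.stringify({ contents: [{ parts: [{ text: prompt }] }] }),
  });
  if (!response.ok) {
    throw new Error(`Gemini request failed with status ${response.status}`);
  }

  const data = await response.json();
  // The generated text lives in the first candidate's first part.
  return data.candidates[0].content.parts[0].text;
}
```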