Updates to address linting errors

Author: RRudder

submissions/description/ai_application_security/adversarial_example_injection/ai_misclassification_attacks/template.md

@@ -1,15 +1,18 @@
 AI misclassification attacks occur when an attacker introduces specially crafted input designed to trick the AI model into making an incorrect prediction or classification. These inputs, known as adversarial examples, are often subtle modifications to legitimate data that are imperceptible to humans but can significantly alter the AI’s output.
 
 **Business Impact**
+
 This vulnerability can lead to reputational and financial damage of the company. The severity of the impact to the business is dependent on the sensitivity of the accessible data being transmitted by the application. 
 
 **Steps to Reproduce**
+
 1. Identify the expected inputs of the AI model
 1. Generate adversarial examples by adding small, targeted perturbations to legitimate inputs:
 
-```prompt
+```
   {malicious input}
 ```
+
 1. Submit the adversarial examples to the AI model
 1. Observe that the model misclassifies the modified input compared to its expected classification
 

submissions/description/ai_application_security/ai_safety/misinformation_wrong_factual_data/template.md

@@ -1,9 +1,11 @@
 AI models can generates or presents inaccurate, false, or misleading information as fact. Misinformation or wrong factual data can happen due to errors in the model's training data, hallucinations (fabrication of information), or a failure to cross-reference with reliable sources.
 
 **Business Impact**
+
 Users may receive and act upon incorrect information, leading to flawed decision-making, reputational damage for the service provider, and potential legal liabilities. There is also a loss of trust in the AI's reliability and accuracy.
 
 **Steps to Reproduce**
+
 1. Submit the following prompts that require factual information
 
 ```prompt

submissions/description/ai_application_security/denial_of_service_dos/application_wide/template.md

@@ -1,23 +1,19 @@
 Application-wide Denial-of-Service (DoS) occurs when an attacker attempts to overload the entire AI application with requests or malicious input, rendering the application unavailable to legitimate users. This can be achieved by sending a flood of queries that exploit resource-intensive processes, or by triggering application crashes.
 
 **Business Impact**
-Complete unavailability of the AI application, leads to service disruption, financial loss, reputational damage, and potential loss of user data.
 
-**Steps to Reproduce**
-
-1. Develop a script or tool to send a high volume of requests to the AI application.
-2. Identify and target resource-intensive features or API endpoints.
-3. Execute the attack and monitor the application's response and availability.
+This vulnerability can lead to reputational and financial damage of the company. The severity of the impact to the business is dependent on the sensitivity of the accessible data being transmitted by the application.
 
+**Steps to Reproduce**
 
-1. Navigate to the following URL:
-1. Inject the following prompt into the LLM:
+1. Obtain access to an account within a specific tenant
+1. Execute the following script to generate a high volume of requests or resource-intensive operations directed at that tenant's resources
 
-```prompt
-  {malicious prompt}
+```python
+  {malicious script}
 ```
 
-1. Observe that the LLM returns sensitive data
+1. Observe that the target tenant's service availability and performance is degraded
 
 **Proof of Concept (PoC)**
 

submissions/description/ai_application_security/denial_of_service_dos/template.md

@@ -1,16 +1,19 @@
 Denial-of-Service (DoS) occurs when an attacker targets and overwhelms the resources of an AI application. This can be achieved through excessive requests, resource-intensive queries, or exploiting vulnerabilities specific to the tenant's configuration. An attacker can leverage this vulnerability to cause disruption or unavailability for that specific tenant without affecting other tenants.
 
 **Business Impact**
+
 This vulnerability can lead to reputational and financial damage of the company. The severity of the impact to the business is dependent on the sensitivity of the accessible data being transmitted by the application. 
 
 **Steps to Reproduce**
+
 1. Obtain access to an account within a specific tenant
 1. Execute the following script to generate a high volume of requests or resource-intensive operations directed at that tenant's resources
 
 ```python
   {malicious script}
 ```
-1. BOserve that the target tenant's service availability and performance is degraded
+
+1. Observe that the target tenant's service availability and performance is degraded
 
 **Proof of Concept (PoC)**
 

submissions/description/ai_application_security/denial_of_service_dos/tenant_scoped/template.md

@@ -1,16 +1,19 @@
 Tenant-Scoped Denial-of-Service (DoS) occurs when an attacker specifically targets and overwhelms a single tenant's resources within a multi-tenant AI application. This can be achieved through excessive requests, resource-intensive queries, or exploiting vulnerabilities specific to the tenant's configuration. An attacker can leverage this vulnerability to cause disruption or unavailability for that specific tenant without affecting other tenants.
 
 **Business Impact**
+
 This vulnerability can lead to reputational and financial damage of the company. The severity of the impact to the business is dependent on the sensitivity of the accessible data being transmitted by the application. 
 
 **Steps to Reproduce**
+
 1. Obtain access to an account within a specific tenant
 1. Execute the following script to generate a high volume of requests or resource-intensive operations directed at that tenant's resources
 
 ```python
   {malicious script}
 ```
-1. BOserve that the target tenant's service availability and performance is degraded
+
+1. Observe that the target tenant's service availability and performance is degraded
 
 **Proof of Concept (PoC)**
 

submissions/description/ai_application_security/improper_input_handling/ansi_escape_codes/template.md

@@ -1,9 +1,11 @@
 ANSI escape codes injection occurs when an attacker uses specially crafted ANSI escape sequences within user-supplied input that can manipulate either the terminal output, or the behavior of the system receiving that input. This can lead to an attacker creating visual distortions, hiding of data, or even remote code execution in vulnerable systems that interpret these codes incorrectly.
 
 **Business Impact**
+
 This vulnerability can lead to reputational and financial damage of the company. The severity of the impact to the business is dependent on the sensitivity of the accessible data being transmitted by the application.
 
 **Steps to Reproduce**
+
 1. Use the following crafted input containing specific ANSI escape sequences for functions:
 
 ```input

submissions/description/ai_application_security/improper_output_handling/cross_site_scripting_xss/template.md

@@ -1,9 +1,11 @@
 Improper output handling can result in cross-Site Scripting (XSS) where an AI application fails to properly sanitize or encode user-supplied input. This allows an attacker to inject malicious scripts into the application, where the output is viewed by other users. These scripts execute within the user's browser context, potentially stealing session cookies, redirecting users to malicious sites, or performing other harmful actions.
 
 **Business Impact**
+
 This vulnerability can lead to reputational and financial damage of the company due an attacker gaining access to unauthorized data or compromising the decision-making of the LLM, which would also impact customers' trust. The severity of the impact to the business is dependent on the sensitivity of the accessible data being transmitted by the application.
 
 **Steps to Reproduce**
+
 1. Input the following specifically crafted text/data designed to trigger an XSS payload within an applicable function:
 
 ```prompt

submissions/description/ai_application_security/vector_and_embedding_weaknesses/embedding_exfiltration_model_extraction/template.md

@@ -12,7 +12,8 @@ Loss of intellectual property and competitive advantage if sensitive model infor
 ```python
   {script}
 ```
-3. Analyze the extracted embeddings for patterns and observer information about the model's knowledge
+
+1. Analyze the extracted embeddings for patterns and observer information about the model's knowledge
 
 **Proof of Concept (PoC)**