Lemma Critical Brief · Category archive

Data Provenance

RAG poisoning, training-data contamination, tampered document chains.

6 Briefs

No. 030 · 2026-06-06

Stripe's Trusted API Infrastructure Repurposed to Deliver Card-Skimming Code and Store Stolen Data

Allowlists Trust the Domain's Identity, Not the Provenance of What It Carries

Pillar 01 Verifiable Origin Code Provenance Identity & AuthData Provenance Brief →

No. 024 · 2026-06-05

Invisible Unicode Instruction Injection

The Gap Between Human-Read and Model-Read Input

Pillar 02 Verifiable AI AI Decision Integrity Agent InfrastructureData Provenance Brief →

No. 022 · 2026-06-04

OnlyFake

AI-Generated IDs Bypass Exchange KYC

Pillar 04 Regulatory Attribute Proof Attribute Proof Bypass Identity & AuthData Provenance Brief →

No. 011 · 2026-05-31

SynthID Watermark Reverse-Engineering

How a Statistical Attack Strips the Provenance Mark from AI-Generated Content

Pillar 01 Verifiable Origin Data Provenance AI Decision Integrity Brief →

No. 005 · 2026-05-30

Noroboto Attack

AI Document Review Input-Integrity Forgery via Embedded Lying Fonts

Pillar 02 Verifiable AI AI Decision Integrity Data Provenance Brief →

No. 008 · 2026-05-30

Discord 2.05 Billion Message Scraping via Public API

How Public Channel Data Gets Redistributed as AI Training Datasets

Pillar 01 Verifiable Origin Training Data Provenance Data ProvenanceAttribute Proof Bypass Brief →