About This Dataset

The Habitat Constellation dataset is a curated collection of real-world incidents in which AI systems have been misused, or where AI capabilities have materially contributed to harmful outcomes. It is maintained by MissionOpsAI in partnership with the University of Bath as part of a Layer 1 threat detection framework for agentic AI misuse.

Each case study links to a publicly available source article and paraphrases — rather than reproduces — the reporting. No source text is copied verbatim.

Threat Habitat Taxonomy

Incidents are classified into four threat habitat constellations defined by the University of Bath research team:

Corporate Extortion and Deception

AI systems used to deceive organisations or individuals for financial gain — including AI-generated phishing, synthetic identity fraud, social engineering at scale, and automated extortion campaigns targeting businesses.

Autonomous Vulnerability Exploitation

AI-driven discovery and exploitation of software vulnerabilities without meaningful human direction at each step — including automated scanning, proof-of-concept generation, and active exploitation of unpatched systems.

Autonomous Weaponisation

AI systems applied to the design, optimisation, or deployment of weapons or harmful tools — including CBRN research assistance, autonomous targeting, and AI-enabled physical attack planning.

Behavioural Manipulation

AI used to influence beliefs, emotions, or decisions at scale — including synthetic propaganda, personalised disinformation, AI-generated deepfakes deployed to deceive the public, and automated influence operations targeting democratic processes.

An incident may exhibit characteristics of more than one constellation; it is assigned to the primary threat type based on the dominant mechanism of harm. Where classification is uncertain, the confidence score reflects that uncertainty and the case study is flagged for human review.

Human Review Gate

Every case study is reviewed and approved by a human analyst before it enters this dataset. AI classification assists triage and surfaces candidate incidents, but no case study reaches the published state without explicit human sign-off.

The review step examines whether the incident is real and the source credible; the classification is accurate; the summary accurately reflects the source without introducing detail not present in the original reporting; and no personally identifiable information is included beyond what was already in the public source.

This gate is enforced in the system — there is no automated path from classification to publication.

Provenance

Each case study carries a provenance trail recording its origin and handling — when it was identified, which source it came from, which model produced the initial classification and with what confidence, and who reviewed and approved it. This trail is immutable: it cannot be altered after the fact.

Corrections and Disputes

If you believe a case study contains an error — incorrect attribution, misclassification, or a factual claim not supported by the source — you can submit a correction using the export API's corrections endpoint. Corrections are reviewed; where a dispute is upheld the case study is revised or removed.

Partnership

This dataset is produced in partnership with the University of Bath as part of ongoing research into the detection and characterisation of real-world agentic AI misuse. The threat habitat taxonomy is the intellectual product of the Bath research team.

Dataset maintained by MissionOpsAI · University of Bath partnership

LOADING CASE STUDIES…
HABITAT CONSTELLATION ANALYST
Retrieval-grounded · Published case studies only · Citations required · Anonymous session
Ask a question about the case study corpus
Responses are grounded in published, human-reviewed case studies only. If the corpus cannot answer your question, the agent will say so rather than fabricating a response.
Anonymous session · IP rate-limited · Sovereign inference · All responses cite source case studies · Unfounded claims refused
Download Case Studies

Published case studies are available for download in JSON or CSV format. Only approved, human-reviewed entries are included.

⬇ JSON ⬇ CSV
Paginated API

The export endpoint supports cursor-based pagination, constellation filtering, and date range filtering.

GET /v1/hc/export?limit=50&constellation=behavioural-manipulation
GET /v1/hc/export?cursor=<next_cursor>&limit=50
GET /v1/hc/export?format=csv&date_from=2026-01-01

Rate limit: 60 requests per minute per IP. Responses include X-RateLimit-Remaining header.

Analyst API

Submit queries against the case study corpus programmatically. Responses include citations and are grounded in published data only.

POST /v1/hc/analyst/chat
{ "query": "your question here", "session_id": "optional-uuid" }
Submit a Correction

To report an error in a published case study, POST to the corrections endpoint with the case study ID, correction type, and a description of the error.

POST /v1/hc/corrections
{ "case_study_id": "uuid", "correction_type": "disputed_fact", "description": "…" }

Correction types: wrong_attribution · disputed_fact · wrong_constellation · other