AI Infrastructure Security Game

How the simulator works

• Each scenario shows an AI system component — an agent, an inference endpoint, an MCP server, a vector DB — with a hidden security flaw.
• Identify the issue from four plausible options — the wrong answers explain why they look reasonable but miss the real risk.
• Read the production explanation, follow the link to the relevant lesson, and move to the next scenario.
• Score yourself across all six rounds — covering prompt injection, model extraction, vector-DB access control, agent tool authorization, inference cost control, and MCP server identity.