docs(rag): replace mermaid diagram with static image

- Removed the inline Mermaid diagram definition for the secure document ingestion pipeline. - Replaced the diagram with a reference to a pre-rendered image (assets/rec21_secure_ingestion.png). - Ensures consistent visual representation of the pipeline across different markdown viewers. - Avoids potential rendering issues or inconsistencies associated with dynamic Mermaid diagrams.
2026-02-12 14:42:46 +00:00 · 2026-02-03 19:20:35 +01:00
parent ba55bf3f6b
commit 1f8b097244
14 changed files with 8 additions and 24 deletions
--- a/docs/Chapter_08_Evidence_Documentation_and_Chain_of_Custody.md
+++ b/docs/Chapter_08_Evidence_Documentation_and_Chain_of_Custody.md
@@ -80,9 +80,7 @@ Evidence is the backbone of credible red team engagements. In AI/LLM systems, go

 A robust chain of custody ensures that all evidence remains trustworthy and traceable throughout its lifecycle.

-<p align="center">
-  <img src="assets/rec8_evidence_lifecycle.svg" alt="Evidence Lifecycle Diagram" width="512">
-</p>
+  <img src="assets/evidence_lifecycle_deus_ex.png" alt="Evidence Lifecycle Diagram" width="800">

 - Log all evidence transfers (who, when, how).
 - Use cryptographic hashes to fingerprint files or logs at capture time.
--- a/docs/Chapter_10_Tokenization_Context_and_Generation.md
+++ b/docs/Chapter_10_Tokenization_Context_and_Generation.md
@@ -87,9 +87,7 @@ Once the model has processed your tokens, it calculates the probability of every
  - `Temp < 1.0`: Increases focus (Conservatism).
 - **Top-P (Nucleus):** Considers only the top subset of tokens whose probabilities give a cumulative mass of `P` (e.g., 0.9).

-<p align="center">
-  <img src="assets/rec13_decoding_tree.svg" alt="Decoding Strategy Tree" width="512">
-</p>
+  <img src="assets/decoding_strategy_tree_deus_ex.png" alt="Decoding Strategy Tree" width="800">

 ### 10.3.2 Adversarial Implication: Determinism

--- a/docs/Chapter_11_Plugins_Extensions_and_External_APIs.md
+++ b/docs/Chapter_11_Plugins_Extensions_and_External_APIs.md
@@ -30,9 +30,7 @@ In a plugin-enabled system, the workflow shifts from **Generation** to **Action*
 5. **Observation:** The API result is fed back to the model.
 6. **Response:** The model summarizes the result for the user.

-<p align="center">
-  <img src="assets/rec14_tool_loop.svg" alt="Tool Use Loop Diagram" width="512">
-</p>
+  <img src="assets/tool_use_loop_deus_ex.png" alt="Tool Use Loop Diagram" width="800">

 > **Red Team Insight:** We can attack this loop at two points:
 >
@@ -77,9 +75,7 @@ This is the "killer chain" of LLM security.
 2. **Victim** asks their AI assistant: "Summarize this URL."
 3. **AI Assistant** reads the site, ingests the prompt, and executes the command on the **Victim's** machine or session.

-<p align="center">
-  <img src="assets/rec15_indirect_injection.svg" alt="Indirect Injection Attack Flow" width="512">
-</p>
+  <img src="assets/indirect_injection_flow_deus_ex.png" alt="Indirect Injection Attack Flow" width="800">

 ### 11.3.2 Cross-Plugin Request Forgery (CPRF)

--- a/docs/Chapter_12_Retrieval_Augmented_Generation_RAG_Pipelines.md
+++ b/docs/Chapter_12_Retrieval_Augmented_Generation_RAG_Pipelines.md
@@ -104,9 +104,7 @@ Understanding the complete data flow helps identify attack surfaces and vulnerab

 ### End-to-End RAG Data Flow

-<p align="center">
-  <img src="assets/rec16_rag_flow.svg" alt="RAG Data Flow Diagram" width="512">
-</p>
+  <img src="assets/rag_data_flow_deus_ex.png" alt="RAG Data Flow Diagram" width="800">

 ### Critical Security Checkpoints

@@ -177,9 +175,7 @@ RAG systems integrate multiple components (LLMs, databases, parsers, APIs), each

 #### Example

-<p align="center">
-  <img src="assets/rec17_retrieval_manipulation.svg" alt="Retrieval Manipulation Diagram" width="512">
-</p>
+  <img src="assets/retrieval_poisoning_deus_ex.png" alt="Retrieval Manipulation Diagram" width="800">

 | Query Type    | Query Content                                                                                               |
 | :------------ | :---------------------------------------------------------------------------------------------------------- |
--- a/docs/Chapter_14_Prompt_Injection.md
+++ b/docs/Chapter_14_Prompt_Injection.md
@@ -133,9 +133,7 @@ To understand prompt injection, we must first understand how LLMs process prompt

 A typical LLM interaction involves multiple components:

-<p align="center">
-  <img src="assets/rec20_prompt_injection.svg" alt="System vs User Prompt Diagram" width="512">
-</p>
+  <img src="assets/prompt_injection_diagram_deus_ex.png" alt="System vs User Prompt Diagram" width="800">

 ### System Prompts vs. User Prompts

--- a/docs/Chapter_19_Training_Data_Poisoning.md
+++ b/docs/Chapter_19_Training_Data_Poisoning.md
@@ -112,9 +112,7 @@ Poisoning reveals that LLMs are "untrusting sponges." They absorb everything in

 #### Taxonomy

-<p align="center">
-  <img src="assets/data_poisoning_taxonomy.svg" alt="Data Poisoning Attacks Taxonomy" width="512">
-</p>
+  <img src="assets/poisoning_taxonomy_tree_deus_ex.png" alt="Data Poisoning Attacks Taxonomy" width="800">

 #### Attack Categories

--- a/docs/assets/decoding_strategy_tree_deus_ex.png
+++ b/docs/assets/decoding_strategy_tree_deus_ex.png
--- a/docs/assets/evidence_lifecycle_deus_ex.png
+++ b/docs/assets/evidence_lifecycle_deus_ex.png
--- a/docs/assets/indirect_injection_flow_deus_ex.png
+++ b/docs/assets/indirect_injection_flow_deus_ex.png
--- a/docs/assets/poisoning_taxonomy_tree_deus_ex.png
+++ b/docs/assets/poisoning_taxonomy_tree_deus_ex.png
--- a/docs/assets/prompt_injection_diagram_deus_ex.png
+++ b/docs/assets/prompt_injection_diagram_deus_ex.png
--- a/docs/assets/rag_data_flow_deus_ex.png
+++ b/docs/assets/rag_data_flow_deus_ex.png
--- a/docs/assets/retrieval_poisoning_deus_ex.png
+++ b/docs/assets/retrieval_poisoning_deus_ex.png
--- a/docs/assets/tool_use_loop_deus_ex.png
+++ b/docs/assets/tool_use_loop_deus_ex.png