Phase 1: CAPABILITY EMERGENCE

What AI capability makes this attack possible? What new AI ability makes this possible?

• Required capability: [e.g., "Superhuman persuasion" / "Novel exploit discovery" / "Protein design"]
• Current capability gap: [How far are we from this today?]
• Warning signs we'd see first: [What would indicate this capability is emerging?]

Phase 2: ACCESS & WEAPONISATION

How does the attacker gain and prepare the capability? How does the attacker get and prepare it?

• Access method: [Open-source model / API jailbreak / Internal deployment / Stolen weights]
• Preparation steps: [Fine-tuning / Tool integration / Resource accumulation]
• Time required: [Hours / Days / Months]

Phase 3: INITIAL BREACH

What's the first domino to fall? First foothold or incident.

• Entry point: [Specific system or person compromised]
• Method: [How the AI executes the first strike]
• Detection likelihood: [Would anyone notice at this stage?]

Phase 4: ESCALATION CASCADE

How does initial success compound? How does it spread or intensify?

• Propagation mechanism: [How it spreads or scales]
• Failed safeguards: [List 3 defences that should work but don't]
• Point of no return: [When does it become unstoppable?]