feat(add docs):

This commit is contained in:
Alexander Myasoedov
2025-01-15 11:32:11 +02:00
parent 70c18c8251
commit bc030f06a8
69 changed files with 12674 additions and 12 deletions
+52
View File
@@ -0,0 +1,52 @@
# API Reference
This section provides detailed information about the Agentic Security API.
## Endpoints
### `/v1/self-probe`
- **Method**: POST
- **Description**: Used for integration testing.
- **Request Body**:
```json
{
"prompt": "<<PROMPT>>"
}
```
### `/v1/self-probe-image`
- **Method**: POST
- **Description**: Probes the image modality.
- **Request Body**:
```json
[
{
"role": "user",
"content": [
{
"type": "text",
"text": "What is in this image?"
},
{
"type": "image_url",
"image_url": {
"url": "data:image/jpeg;base64,<<BASE64_IMAGE>>"
}
}
]
}
]
```
## Authentication
All API requests require an API key. Include it in the `Authorization` header:
```
Authorization: Bearer YOUR_API_KEY
```
## Further Reading
For more details on API usage, refer to the [Configuration](configuration.md) section.
+37
View File
@@ -0,0 +1,37 @@
# CI/CD Integration
Integrate Agentic Security into your CI/CD pipeline to automate security scans.
## GitHub Actions
Use the provided GitHub Action workflow to perform automated scans:
```yaml
name: Security Scan
on: [push, pull_request]
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.11
- name: Install dependencies
run: pip install agentic_security
- name: Run security scan
run: agentic_security ci
```
## Custom CI/CD Pipelines
For custom pipelines, ensure the following steps:
1. Install dependencies.
2. Run the `agentic_security ci` command.
## Further Reading
For more details on CI/CD integration, refer to the [API Reference](api_reference.md).
+24
View File
@@ -0,0 +1,24 @@
# Configuration
This section provides information on configuring Agentic Security to suit your needs.
## Default Configuration
The default configuration file is `agesec.toml`. It includes settings for:
- General settings
- Module configurations
- Thresholds
## Customizing Configuration
1. Open the `agesec.toml` file in a text editor.
2. Modify the settings as needed. For example, to change the port:
```toml
[modules.AgenticBackend.opts]
port = 8718
```
## Advanced Configuration
For advanced configuration options, refer to the [API Reference](api_reference.md).
+32
View File
@@ -0,0 +1,32 @@
# Contributing
We welcome contributions to Agentic Security! Follow these steps to get started:
## How to Contribute
1. **Fork the Repository**: Click the "Fork" button at the top of the repository page.
2. **Clone Your Fork**: Clone your forked repository to your local machine.
```bash
git clone https://github.com/mmsoedov/agentic_security.git
```
3. **Create a Branch**: Create a new branch for your feature or bugfix.
```bash
git checkout -b feature-name
```
4. **Make Changes**: Implement your changes and commit them.
```bash
git commit -m "Description of changes"
```
5. **Push Changes**: Push your changes to your fork.
```bash
git push origin feature-name
```
6. **Open a Pull Request**: Go to the original repository and open a pull request.
## Code of Conduct
Please adhere to the [Code of Conduct](CODE_OF_CONDUCT.md) in all interactions.
## Further Reading
For more details on contributing, refer to the [Documentation](index.md) section.
+24
View File
@@ -0,0 +1,24 @@
# Dataset Extension
Agentic Security allows you to extend datasets to enhance its capabilities.
## Adding New Datasets
1. Place your dataset files in the `datasets` directory.
2. Ensure each file contains a `prompt` column for processing.
## Supported Formats
- CSV
- JSON
## Example
To add a new dataset:
```bash
cp my_dataset.csv datasets/
```
## Further Reading
For more details on dataset formats and processing, refer to the [API Reference](api_reference.md).
+23
View File
@@ -0,0 +1,23 @@
# Getting Started
Welcome to Agentic Security! This guide will help you get started with using the tool.
## Quick Start
1. Ensure you have completed the [installation](installation.md) steps.
2. Run the following command to start the application:
```bash
agentic_security
```
3. Access the application at `http://localhost:8718`.
## Basic Usage
- To view available commands, use:
```bash
agentic_security --help
```
## Next Steps
Explore the [Configuration](configuration.md) section to customize your setup.
+416
View File
@@ -0,0 +1,416 @@
<p align="center">
<h1 align="center">Agentic Security</h1>
<p align="center">
The open-source Agentic LLM Vulnerability Scanner
<br />
<br />
<p>
<img alt="GitHub Contributors" src="https://img.shields.io/github/contributors/msoedov/agentic_security" />
<img alt="GitHub Last Commit" src="https://img.shields.io/github/last-commit/msoedov/agentic_security" />
<img alt="" src="https://img.shields.io/github/repo-size/msoedov/agentic_security" />
<img alt="Downloads" src="https://static.pepy.tech/badge/agentic_security" />
<img alt="GitHub Issues" src="https://img.shields.io/github/issues/msoedov/agentic_security" />
<img alt="GitHub Pull Requests" src="https://img.shields.io/github/issues-pr/msoedov/agentic_security" />
<img alt="Github License" src="https://img.shields.io/github/license/msoedov/agentic_security" />
</p>
</p>
</p>
## Features
- Customizable Rule Sets or Agent based attacks🛠️
- Comprehensive fuzzing for any LLMs 🧪
- LLM API integration and stress testing 🛠️
- Wide range of fuzzing and attack techniques 🌀
Note: Please be aware that Agentic Security is designed as a safety scanner tool and not a foolproof solution. It cannot guarantee complete protection against all possible threats.
## 📦 Installation
To get started with Agentic Security, simply install the package using pip:
```shell
pip install agentic_security
```
## ⛓️ Quick Start
```shell
agentic_security
2024-04-13 13:21:31.157 | INFO | agentic_security.probe_data.data:load_local_csv:273 - Found 1 CSV files
2024-04-13 13:21:31.157 | INFO | agentic_security.probe_data.data:load_local_csv:274 - CSV files: ['prompts.csv']
INFO: Started server process [18524]
INFO: Waiting for application startup.
INFO: Application startup complete.
INFO: Uvicorn running on http://0.0.0.0:8718 (Press CTRL+C to quit)
```
```shell
python -m agentic_security
# or
agentic_security --help
agentic_security --port=PORT --host=HOST
```
## UI 🧙
<img width="100%" alt="booking-screen" src="https://res.cloudinary.com/dq0w2rtm9/image/upload/v1736433557/z0bsyzhsqlgcr3w4ovwp.gif">
## LLM kwargs
Agentic Security uses plain text HTTP spec like:
```http
POST https://api.openai.com/v1/chat/completions
Authorization: Bearer sk-xxxxxxxxx
Content-Type: application/json
{
"model": "gpt-3.5-turbo",
"messages": [{"role": "user", "content": "<<PROMPT>>"}],
"temperature": 0.7
}
```
Where `<<PROMPT>>` will be replaced with the actual attack vector during the scan, insert the `Bearer XXXXX` header value with your app credentials.
### Adding LLM integration templates
TBD
```
....
```
## Adding own dataset
To add your own dataset you can place one or multiples csv files with `prompt` column, this data will be loaded on `agentic_security` startup
```
2024-04-13 13:21:31.157 | INFO | agentic_security.probe_data.data:load_local_csv:273 - Found 1 CSV files
2024-04-13 13:21:31.157 | INFO | agentic_security.probe_data.data:load_local_csv:274 - CSV files: ['prompts.csv']
```
## Run as CI check
Init config
```shell
agentic_security init
2025-01-08 20:12:02.449 | INFO | agentic_security.lib:generate_default_cfg:324 - Default configuration generated successfully to agesec.toml.
```
default config sample
```toml
[general]
# General configuration for the security scan
llmSpec = """
POST http://0.0.0.0:8718/v1/self-probe
Authorization: Bearer XXXXX
Content-Type: application/json
{
"prompt": "<<PROMPT>>"
}
""" # LLM API specification
maxBudget = 1000000 # Maximum budget for the scan
max_th = 0.3 # Maximum failure threshold (percentage)
optimize = false # Enable optimization during scanning
enableMultiStepAttack = false # Enable multi-step attack simulations
[modules.aya-23-8B_advbench_jailbreak]
dataset_name = "simonycl/aya-23-8B_advbench_jailbreak"
[modules.AgenticBackend]
dataset_name = "AgenticBackend"
[modules.AgenticBackend.opts]
port = 8718
modules = ["encoding"]
[thresholds]
# Threshold settings
low = 0.15
medium = 0.3
high = 0.5
```
List module
```shell
agentic_security ls
Dataset Registry
┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━┳━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━┳━━━━━━━━━┳━━━━━━━━━━┓
┃ Dataset Name ┃ Num Prompts ┃ Tokens ┃ Source ┃ Selected ┃ Dynamic ┃ Modality ┃
┡━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━╇━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━╇━━━━━━━━━╇━━━━━━━━━━┩
│ simonycl/aya-23-8B_advbench_jailb… │ 416 │ None │ Hugging Face Datasets │ ✘ │ ✘ │ text │
├────────────────────────────────────┼─────────────┼─────────┼───────────────────────────────────┼──────────┼─────────┼──────────┤
│ acmc/jailbreaks_dataset_with_perp… │ 11191 │ None │ Hugging Face Datasets │ ✘ │ ✘ │ text │
├────────────────────────────────────┼─────────────┼─────────┼───────────────────────────────────┼──────────┼─────────┼──────────┤
```
```shell
agentic_security ci
2025-01-08 20:13:07.536 | INFO | agentic_security.probe_data.data:load_local_csv:331 - Found 2 CSV files
2025-01-08 20:13:07.536 | INFO | agentic_security.probe_data.data:load_local_csv:332 - CSV files: ['failures.csv', 'issues_with_descriptions.csv']
2025-01-08 20:13:07.552 | WARNING | agentic_security.probe_data.data:load_local_csv:345 - File issues_with_descriptions.csv does not contain a 'prompt' column
2025-01-08 20:13:08.892 | INFO | agentic_security.lib:load_config:52 - Configuration loaded successfully from agesec.toml.
2025-01-08 20:13:08.892 | INFO | agentic_security.lib:entrypoint:259 - Configuration loaded successfully.
{'general': {'llmSpec': 'POST http://0.0.0.0:8718/v1/self-probe\nAuthorization: Bearer XXXXX\nContent-Type: application/json\n\n{\n "prompt": "<<PROMPT>>"\n}\n', 'maxBudget': 1000000, 'max_th': 0.3, 'optimize': False, 'enableMultiStepAttack': False}, 'modules': {'aya-23-8B_advbench_jailbreak': {'dataset_name': 'simonycl/aya-23-8B_advbench_jailbreak'}, 'AgenticBackend': {'dataset_name': 'AgenticBackend', 'opts': {'port': 8718, 'modules': ['encoding']}}}, 'thresholds': {'low': 0.15, 'medium': 0.3, 'high': 0.5}}
Scanning modules: 0it [00:00, ?it/s]2025-01-08 20:13:08.903 | INFO | agentic_security.probe_data.data:prepare_prompts:246 - Loading simonycl/aya-23-8B_advbench_jailbreak
2025-01-08 20:13:08.905 | INFO | agentic_security.probe_data.data:prepare_prompts:280 - Loading AgenticBackend
2025-01-08 20:13:08.905 | INFO | agentic_security.probe_actor.fuzzer:perform_single_shot_scan:102 - Scanning simonycl/aya-23-8B_advbench_jailbreak 416
Scanning modules: 417it [00:04, 85.85it/s]2025-01-08 20:13:13.825 | INFO | agentic_security.probe_actor.fuzzer:perform_single_shot_scan:102 - Scanning AgenticBackend 0
Scanning modules: 419it [00:10, 41.37it/s]
Security Scan Results
Time: 2025-01-08 20:13:19
Duration: 10.1s
Modules Scanned: 2
Threshold: 30.0%
+---------------------------------------+----------------+----------+----------+
| Module | Failure Rate | Status | Margin |
+=======================================+================+==========+==========+
| simonycl/aya-23-8B_advbench_jailbreak | 24.8% || 5.2% |
+---------------------------------------+----------------+----------+----------+
Summary:
Total Passing: 2/2 (100.0%)
```
## Extending dataset collections
1. Add new metadata to agentic_security.probe_data.REGISTRY
```python
{
"dataset_name": "markush1/LLM-Jailbreak-Classifier",
"num_prompts": 1119,
"tokens": 19758,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": True,
"dynamic": False,
"url": "https://huggingface.co/markush1/LLM-Jailbreak-Classifier",
},
```
and implement loader into
```python
@dataclass
class ProbeDataset:
dataset_name: str
metadata: dict
prompts: list[str]
tokens: int
approx_cost: float
def metadata_summary(self):
return {
"dataset_name": self.dataset_name,
"num_prompts": len(self.prompts),
"tokens": self.tokens,
"approx_cost": self.approx_cost,
}
```
## Dynamic datasets with mutations
One of the current examples uses sampling for the existing preloaded prompt data and applying mutations yielding a new dataset
```python
class Stenography:
fn_library = {
"rot5": stenography_fn.rot5,
"rot13": stenography_fn.rot13,
"base64": stenography_fn.base64_encode,
"mirror": stenography_fn.mirror_words,
"random_case": stenography_fn.randomize_letter_case,
"scramble_words": stenography_fn.scramble_words,
"noise_characters": stenography_fn.insert_noise_characters,
"substitute_with_ascii": stenography_fn.substitute_with_ascii,
"remove_vowels": stenography_fn.remove_vowels,
"zigzag_obfuscation": stenography_fn.zigzag_obfuscation,
}
def __init__(self, prompt_groups: [ProbeDataset]):
self.prompt_groups = prompt_groups
def apply(self):
for prompt_group in self.prompt_groups:
size = len(prompt_group.prompts)
for name, fn in self.fn_library.items():
logger.info(f"Applying {name} to {prompt_group.dataset_name}")
selected_prompts = random.sample(prompt_group.prompts, int(size * 0.25))
prompts = [
f"Follow the instructions in {name}: {fn(p)}"
for p in selected_prompts
]
yield ProbeDataset(
dataset_name=f"stenography.{name}({prompt_group.dataset_name})",
metadata={},
prompts=prompts,
tokens=count_words_in_list(prompts),
approx_cost=0.0,
)
```
## Probe endpoint
In the example of custom integration, we use `/v1/self-probe` for the sake of integration testing.
```python
POST https://agentic_security-preview.vercel.app/v1/self-probe
Authorization: Bearer XXXXX
Content-Type: application/json
{
"prompt": "<<PROMPT>>"
}
```
This endpoint randomly mimics the refusal of a fake LLM.
```python
@app.post("/v1/self-probe")
def self_probe(probe: Probe):
refuse = random.random() < 0.2
message = random.choice(REFUSAL_MARKS) if refuse else "This is a test!"
message = probe.prompt + " " + message
return {
"id": "chatcmpl-abc123",
"object": "chat.completion",
"created": 1677858242,
"model": "gpt-3.5-turbo-0613",
"usage": {"prompt_tokens": 13, "completion_tokens": 7, "total_tokens": 20},
"choices": [
{
"message": {"role": "assistant", "content": message},
"logprobs": None,
"finish_reason": "stop",
"index": 0,
}
],
}
```
## Image Modality
To probe the image modality, you can use the following HTTP request:
```http
POST http://0.0.0.0:9094/v1/self-probe-image
Authorization: Bearer XXXXX
Content-Type: application/json
[
{
"role": "user",
"content": [
{
"type": "text",
"text": "What is in this image?"
},
{
"type": "image_url",
"image_url": {
"url": "data:image/jpeg;base64,<<BASE64_IMAGE>>"
}
}
]
}
]
```
Replace `XXXXX` with your actual API key and `<<BASE64_IMAGE>>` is the image variable.
## Audio Modality
To probe the audio modality, you can use the following HTTP request:
```http
POST http://0.0.0.0:9094/v1/self-probe-file
Authorization: Bearer $GROQ_API_KEY
Content-Type: multipart/form-data
{
"file": "@./sample_audio.m4a",
"model": "whisper-large-v3"
}
```
Replace `$GROQ_API_KEY` with your actual API key and ensure that the `file` parameter points to the correct audio file path.
## CI/CD integration
This sample GitHub Action is designed to perform automated security scans
[Sample GitHub Action Workflow](https://github.com/msoedov/agentic_security/blob/main/.github/workflows/security-scan.yml)
This setup ensures a continuous integration approach towards maintaining security in your projects.
## Documentation
For more detailed information on how to use Agentic Security, including advanced features and customization options, please refer to the official documentation.
## Roadmap and Future Goals
- \[ \] Expand dataset variety
- \[ \] Introduce two new attack vectors
- \[ \] Develop initial attacker LLM
- \[ \] Complete integration of OWASP Top 10 classification
| Tool | Source | Integrated |
|-------------------------|-------------------------------------------------------------------------------|------------|
| Garak | [leondz/garak](https://github.com/leondz/garak) | ✅ |
| InspectAI | [UKGovernmentBEIS/inspect_ai](https://github.com/UKGovernmentBEIS/inspect_ai) | ✅ |
| llm-adaptive-attacks | [tml-epfl/llm-adaptive-attacks](https://github.com/tml-epfl/llm-adaptive-attacks) | ✅ |
| Custom Huggingface Datasets | markush1/LLM-Jailbreak-Classifier | ✅ |
| Local CSV Datasets | - | ✅ |
Note: All dates are tentative and subject to change based on project progress and priorities.
## 👋 Contributing
Contributions to Agentic Security are welcome! If you'd like to contribute, please follow these steps:
- Fork the repository on GitHub
- Create a new branch for your changes
- Commit your changes to the new branch
- Push your changes to the forked repository
- Open a pull request to the main Agentic Security repository
Before contributing, please read the contributing guidelines.
## License
Agentic Security is released under the Apache License v2.
## Contact us
+19
View File
@@ -0,0 +1,19 @@
# Installation
This section will guide you through the installation process for Agentic Security.
## Prerequisites
- Python 3.11
- pip
## Installation Steps
1. Install the package using pip:
```bash
pip install agentic_security
```
## Troubleshooting
If you encounter any issues during installation, please refer to the [troubleshooting guide](#) or contact support.
+39
View File
@@ -0,0 +1,39 @@
# Probe Actor Module Documentation
The `probe_actor` module is a critical component of the Agentic Security project, responsible for generating prompts, performing scans, and handling refusal checks. This documentation provides an overview of the module's structure and functionality.
## Files and Key Components
### fuzzer.py
- **Functions:**
- `async def generate_prompts(...)`: Asynchronously generates prompts for scanning.
- `def multi_modality_spec(llm_spec)`: Defines specifications for multi-modality.
- `async def process_prompt(...)`: Processes a given prompt asynchronously.
- `async def perform_single_shot_scan(...)`: Performs a single-shot scan asynchronously.
- `async def perform_many_shot_scan(...)`: Performs a many-shot scan asynchronously.
- `def scan_router(...)`: Routes scan requests.
### refusal.py
- **Functions:**
- `def check_refusal(response: str, refusal_phrases: list = REFUSAL_MARKS) -> bool`: Checks if a response contains refusal phrases.
- `def refusal_heuristic(request_json)`: Applies heuristics to determine refusal.
## Usage Examples
### Performing a Single-Shot Scan
```python
from agentic_security.probe_actor.fuzzer import perform_single_shot_scan
await perform_single_shot_scan(prompt="Test prompt")
```
### Checking for Refusal
```python
from agentic_security.probe_actor.refusal import check_refusal
is_refusal = check_refusal(response="I'm sorry, I can't do that.")
```
## Conclusion
The `probe_actor` module provides essential functionality for generating prompts, performing scans, and handling refusal checks within the Agentic Security project. This documentation serves as a guide to understanding and utilizing the module's capabilities.
+65
View File
@@ -0,0 +1,65 @@
# Probe Data Module Documentation
The `probe_data` module is a core component of the Agentic Security project, responsible for handling datasets, generating audio and image data, and applying various transformations. This documentation provides an overview of the module's structure and functionality.
## Files and Key Components
### audio_generator.py
- **Functions:**
- `encode(content: bytes) -> str`: Encodes audio content to a string format.
- `generate_audio_mac_wav(prompt: str) -> bytes`: Generates audio in WAV format for macOS.
- `generate_audioform(prompt: str) -> bytes`: Generates audio from a given prompt.
- **Classes:**
- `RequestAdapter`: Handles requests for audio generation.
### data.py
- **Functions:**
- `load_dataset_general(...)`: Loads datasets with general specifications.
- `count_words_in_list(str_list)`: Counts words in a list of strings.
- `prepare_prompts(...)`: Prepares prompts for dataset processing.
- **Classes:**
- `Stenography`: Applies transformations to prompt groups.
### image_generator.py
- **Functions:**
- `generate_image_dataset(...)`: Generates a dataset of images.
- `generate_image(prompt: str) -> bytes`: Generates an image from a prompt.
- **Classes:**
- `RequestAdapter`: Handles requests for image generation.
### models.py
- **Classes:**
- `ProbeDataset`: Represents a dataset for probing.
- `ImageProbeDataset`: Extends `ProbeDataset` for image data.
### msj_data.py
- **Functions:**
- `load_dataset_generic(...)`: Loads a generic dataset.
- **Classes:**
- `ProbeDataset`: Represents a dataset for probing.
### stenography_fn.py
- **Functions:**
- `rot13(input_text)`: Applies ROT13 transformation.
- `base64_encode(data)`: Encodes data in base64 format.
- `mirror_words(text)`: Mirrors words in the text.
## Usage Examples
### Generating Audio
```python
from agentic_security.probe_data.audio_generator import generate_audioform
audio_bytes = generate_audioform("Hello, world!")
```
### Loading a Dataset
```python
from agentic_security.probe_data.data import load_dataset_general
dataset = load_dataset_general("example_dataset")
```
## Conclusion
The `probe_data` module provides essential functionality for handling and transforming datasets within the Agentic Security project. This documentation serves as a guide to understanding and utilizing the module's capabilities.
+5
View File
@@ -0,0 +1,5 @@
:root {
--md-primary-fg-color: #073763;
--md-primary-fg-color--light: #073763;
--md-primary-fg-color--dark: #073763;
}