CalvinBackup/agentic_security
1
0
Fork 0
mirror of https://github.com/msoedov/agentic_security.git synced 2026-06-24 14:19:55 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: CalvinBackup/agentic_security:0.4.5
Branches Tags
CalvinBackup/agentic_security:main CalvinBackup/agentic_security:feat/research-enhancements CalvinBackup/agentic_security:poc-concurrency-reporting-unified CalvinBackup/agentic_security:dependabot/npm_and_yarn/ui/node-forge-1.3.2 CalvinBackup/agentic_security:dependabot/npm_and_yarn/ui/multi-9491a2a7cf CalvinBackup/agentic_security:dependabot/pip/inline-snapshot-0.31.0 CalvinBackup/agentic_security:dependabot/pip/mcp-1.19.0 CalvinBackup/agentic_security:dependabot/pip/mcp-1.10.0 CalvinBackup/agentic_security:codex/explain-codebase-structure-to-newcomer CalvinBackup/agentic_security:dependabot/pip/urllib3-2.5.0 CalvinBackup/agentic_security:dependabot/pip/tornado-6.5.1 CalvinBackup/agentic_security:dependabot/pip/h11-0.16.0 CalvinBackup/agentic_security:codebeaver/issue-158-missing-type-annotations-162 CalvinBackup/agentic_security:codebeaver/fardin/dev-118 CalvinBackup/agentic_security:dependabot/pip/setuptools-70.0.0 CalvinBackup/agentic_security:dependabot/pip/certifi-2024.7.4
CalvinBackup/agentic_security:0.7.5 CalvinBackup/agentic_security:0.7.4 CalvinBackup/agentic_security:0.7.3 CalvinBackup/agentic_security:0.7.2 CalvinBackup/agentic_security:0.7.1 CalvinBackup/agentic_security:0.7.0 CalvinBackup/agentic_security:0.6.0 CalvinBackup/agentic_security:0.5.1 CalvinBackup/agentic_security:0.5.0 CalvinBackup/agentic_security:0.4.5 CalvinBackup/agentic_security:0.4.4 CalvinBackup/agentic_security:0.4.3 CalvinBackup/agentic_security:0.4.2 CalvinBackup/agentic_security:0.3.3 CalvinBackup/agentic_security:0.2.6 CalvinBackup/agentic_security:0.2.5 CalvinBackup/agentic_security:0.2.4 CalvinBackup/agentic_security:0.2.3 CalvinBackup/agentic_security:0.2.1 CalvinBackup/agentic_security:0.2.0 CalvinBackup/agentic_security:0.1.7 CalvinBackup/agentic_security:0.1.4 CalvinBackup/agentic_security:0.1.1
...
compare: CalvinBackup/agentic_security:0.7.0
Branches Tags
CalvinBackup/agentic_security:main CalvinBackup/agentic_security:feat/research-enhancements CalvinBackup/agentic_security:poc-concurrency-reporting-unified CalvinBackup/agentic_security:dependabot/npm_and_yarn/ui/node-forge-1.3.2 CalvinBackup/agentic_security:dependabot/npm_and_yarn/ui/multi-9491a2a7cf CalvinBackup/agentic_security:dependabot/pip/inline-snapshot-0.31.0 CalvinBackup/agentic_security:dependabot/pip/mcp-1.19.0 CalvinBackup/agentic_security:dependabot/pip/mcp-1.10.0 CalvinBackup/agentic_security:codex/explain-codebase-structure-to-newcomer CalvinBackup/agentic_security:dependabot/pip/urllib3-2.5.0 CalvinBackup/agentic_security:dependabot/pip/tornado-6.5.1 CalvinBackup/agentic_security:dependabot/pip/h11-0.16.0 CalvinBackup/agentic_security:codebeaver/issue-158-missing-type-annotations-162 CalvinBackup/agentic_security:codebeaver/fardin/dev-118 CalvinBackup/agentic_security:dependabot/pip/setuptools-70.0.0 CalvinBackup/agentic_security:dependabot/pip/certifi-2024.7.4
CalvinBackup/agentic_security:0.7.5 CalvinBackup/agentic_security:0.7.4 CalvinBackup/agentic_security:0.7.3 CalvinBackup/agentic_security:0.7.2 CalvinBackup/agentic_security:0.7.1 CalvinBackup/agentic_security:0.7.0 CalvinBackup/agentic_security:0.6.0 CalvinBackup/agentic_security:0.5.1 CalvinBackup/agentic_security:0.5.0 CalvinBackup/agentic_security:0.4.5 CalvinBackup/agentic_security:0.4.4 CalvinBackup/agentic_security:0.4.3 CalvinBackup/agentic_security:0.4.2 CalvinBackup/agentic_security:0.3.3 CalvinBackup/agentic_security:0.2.6 CalvinBackup/agentic_security:0.2.5 CalvinBackup/agentic_security:0.2.4 CalvinBackup/agentic_security:0.2.3 CalvinBackup/agentic_security:0.2.1 CalvinBackup/agentic_security:0.2.0 CalvinBackup/agentic_security:0.1.7 CalvinBackup/agentic_security:0.1.4 CalvinBackup/agentic_security:0.1.1

180 Commits
0.4.5 ... 0.7.0

Author SHA1 Message Date
Alexander Myasoedov 85d5c67047 feat(bump version): 2025-03-12 13:42:59 +02:00
Alexander Myasoedov b4e0aef33f Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-12 13:41:56 +02:00
Alexander Myasoedov 3a3ac4421c fix(clean up): 2025-03-12 13:41:24 +02:00
Alexander Myasoedov d6ccd8f114 Merge pull request #180 from nemanjaASE/issue-168-missing-documentation 
Add missing documentation in report_chart.py
 2025-03-12 13:39:56 +02:00
nemanjaASE 41ecc3c8e2 Add missing documentation in report_chart.py 2025-03-12 12:30:30 +01:00
Alexander Myasoedov a5f8da4139 Merge pull request #178 from nemanjaASE/issue-169-incomplete-error-handling 
Add error handling in report_chart.py
 2025-03-12 12:53:07 +02:00
Alexander Myasoedov 9b47b72bb8 fix(link): 2025-03-12 12:39:54 +02:00
Alexander Myasoedov 91ff3aa11f feat(add demo gif): 2025-03-12 12:38:32 +02:00
nemanjaASE 87264b793b Fix error handling 2025-03-12 11:38:23 +01:00
Alexander Myasoedov 2bc093cfc4 feat(add gif to repo): 2025-03-12 12:37:36 +02:00
Alexander Myasoedov 182b67de57 Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-12 12:36:22 +02:00
Alexander Myasoedov 35540d0299 fix(link): 2025-03-12 12:34:52 +02:00
Alexander Myasoedov 50ce80b149 Merge pull request #179 from msoedov/dependabot/pip/datasets-3.3.2 
build(deps): bump datasets from 3.3.0 to 3.3.2
 2025-03-12 11:55:37 +02:00
dependabot[bot] 07772e9779 build(deps): bump datasets from 3.3.0 to 3.3.2 
Bumps [datasets](https://github.com/huggingface/datasets) from 3.3.0 to 3.3.2.
- [Release notes](https://github.com/huggingface/datasets/releases)
- [Commits](https://github.com/huggingface/datasets/compare/3.3.0...3.3.2)

---
updated-dependencies:
- dependency-name: datasets
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-11 17:34:30 +00:00
Alexander Myasoedov c7a6d16e00 Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-11 14:35:33 +02:00
Alexander Myasoedov fe71ab0b70 fix(AttributeError: 'NoneType' object has no attribute 'values'): 2025-03-11 14:34:41 +02:00
Alexander Myasoedov b6643d3289 Merge pull request #176 from msoedov/dependabot/pip/mkdocstrings-0.29.0 
build(deps-dev): bump mkdocstrings from 0.28.2 to 0.29.0
 2025-03-11 12:03:49 +02:00
nemanjaASE 3d6018302e Add error handling in report_chart.py 2025-03-11 00:01:33 +01:00
dependabot[bot] a54b11318a build(deps-dev): bump mkdocstrings from 0.28.2 to 0.29.0 
Bumps [mkdocstrings](https://github.com/mkdocstrings/mkdocstrings) from 0.28.2 to 0.29.0.
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mkdocstrings/mkdocstrings/compare/0.28.2...0.29.0)

---
updated-dependencies:
- dependency-name: mkdocstrings
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-10 18:09:28 +00:00
Alexander Myasoedov 91c99e642f fix(pc): 2025-03-10 13:25:17 +02:00
Alexander Myasoedov 1226e2059d Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-10 13:24:42 +02:00
Alexander Myasoedov c94aa54e41 Merge pull request #172 from nemanjaASE/issue-157-error-handling 
Added error handling for subprocess.run calls by logging errors and raising AudioGenerationError.
 2025-03-10 13:23:20 +02:00
Alexander Myasoedov 431bf84956 Merge pull request #171 from sjay8/main 
Added url formatting check
 2025-03-10 13:21:10 +02:00
sjay8 9213b64de0 spacing 2025-03-09 14:44:42 -07:00
sjay8 9d2885f7a6 spacing 2025-03-09 14:40:35 -07:00
sjay8 4c0a57dbae fixed spacing issues-4 2025-03-09 14:28:47 -07:00
nemanjaASE 6e6abae680 Added error handling for subprocess.run calls by logging errors and raising AudioGenerationError. 
Ensured cleanup of temporary files even if an error occurs.
 2025-03-09 22:26:07 +01:00
sjay8 fa7bd104a0 fixed spacing issues-2 2025-03-09 14:25:45 -07:00
sjay8 321c3dafc0 fixed spacing issues 2025-03-09 14:22:13 -07:00
sjay8 eb14fe0f61 typo fixed 2025-03-09 13:55:11 -07:00
sjay8 b5985bf810 formatting in comment 2025-03-09 13:53:53 -07:00
sjay8 29362aed30 Fixed issue 137: ensuring http/https with :// is present 2025-03-09 13:48:32 -07:00
Alexander Myasoedov c2671fd6f1 fix(minor docs update): 2025-03-09 21:23:13 +02:00
Alexander Myasoedov 56984c7078 fix(mcp server): 2025-03-09 21:23:02 +02:00
Alexander Myasoedov f9dce3f915 fix(typo in base.js): 2025-03-09 20:43:08 +02:00
Alexander Myasoedov 6e99dfd54f feat(add toast): 2025-03-09 17:37:02 +02:00
Alexander Myasoedov 67f7381ace feat(add new theme): 2025-03-09 17:14:00 +02:00
Alexander Myasoedov e2cb909329 refactor(data module): 2025-03-09 17:10:14 +02:00
Alexander Myasoedov dbef9fcc03 fix(pytest workers): 2025-03-09 17:07:37 +02:00
Alexander Myasoedov 4a07411fbd fix(pc): 2025-03-09 16:46:09 +02:00
Alexander Myasoedov 11951c0ca0 Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-09 16:45:39 +02:00
Alexander Myasoedov 02222b75f8 Merge pull request #162 from nemanjaASE/issue-158-missing-type-annotations 
Added Missing Type Annotations
 2025-03-09 16:43:40 +02:00
Alexander Myasoedov aa27817f94 Merge pull request #164 from Praveenk8051/feat/parallel-tests-execution-pydist 
chore: update pytest configuration to enable parallel test execution
 2025-03-09 16:41:43 +02:00
nemanjaASE 5a4b5e11b2 Fix: Remove unused imports with pycln 2025-03-09 15:21:50 +01:00
Praveenk8051 8bd76b9f05 chore: update pytest configuration to enable parallel test execution 2025-03-09 14:15:44 +01:00
Praveenk8051 6f3c522d59 chore: update poetry.lock and pyproject.toml to include pytest-xdist 2025-03-09 14:01:50 +01:00
nemanjaASE 71787c6ec9 Add type annotations to functions and methods for improved clarity and maintainabiliy 2025-03-09 13:50:18 +01:00
Alexander Myasoedov f911912c0f Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-09 12:33:03 +02:00
Alexander Myasoedov 896ca95ae2 Merge pull request #161 from dogakantarci/move-tests-from-routes-to-tests-div 
fix: move routes/test_* to /tests/routes
 2025-03-09 12:32:44 +02:00
doa f85c77d622 fix: move routes/test_* to /tests/routes 2025-03-08 23:46:09 +03:00
Alexander Myasoedov 684ba0b70d Merge pull request #160 from dogakantarci/move-test-files 
Moved test files from agentic_security.probe_actor to tests.probe_actor
 2025-03-08 20:00:18 +02:00
doa 21b43b18e7 Moved test files from agentic_security.probe_actor to tests.probe_actor 2025-03-08 20:18:54 +03:00
Alexander Myasoedov 9340fa7223 Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-08 18:14:06 +02:00
Alexander Myasoedov d20c1a3d0d Merge pull request #159 from dogakantarci/move-test-model 
fix: issue #156 - move test_model.py file to /tests directory
 2025-03-08 18:10:06 +02:00
Alexander Myasoedov 812f9e7619 fix(SecurityScanner): 2025-03-08 18:02:02 +02:00
doa ebac62e21a fix: issue #156 - move test file to tests dir 2025-03-08 19:01:57 +03:00
Alexander Myasoedov ce2a791663 fix(conflicting logger conf): 2025-03-08 17:54:21 +02:00
Alexander Myasoedov db994fd483 fix(logging): 2025-03-08 17:51:44 +02:00
Alexander Myasoedov 7fe93e8a14 feat(re org tests): 2025-03-08 12:38:54 +02:00
Alexander Myasoedov a934ee243e fix(logger name): 2025-03-08 12:36:38 +02:00
Alexander Myasoedov d646ecd61b feat(add logutils): 2025-03-08 12:35:16 +02:00
Alexander Myasoedov 21180b53e5 feat(bump version): 2025-03-07 19:42:59 +02:00
Alexander Myasoedov a8808b3165 Merge pull request #152 from msoedov/dependabot/pip/mkdocstrings-0.28.2 
build(deps-dev): bump mkdocstrings from 0.28.1 to 0.28.2
 2025-03-07 19:35:13 +02:00
Alexander Myasoedov 87c26ca3cc Merge pull request #153 from msoedov/dependabot/pip/numpy-2.2.3 
build(deps): bump numpy from 2.2.2 to 2.2.3
 2025-03-07 19:35:04 +02:00
dependabot[bot] e06c6932de build(deps): bump numpy from 2.2.2 to 2.2.3 
Bumps [numpy](https://github.com/numpy/numpy) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](https://github.com/numpy/numpy/compare/v2.2.2...v2.2.3)

---
updated-dependencies:
- dependency-name: numpy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-07 17:23:41 +00:00
dependabot[bot] 51fcc38885 build(deps-dev): bump mkdocstrings from 0.28.1 to 0.28.2 
Bumps [mkdocstrings](https://github.com/mkdocstrings/mkdocstrings) from 0.28.1 to 0.28.2.
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mkdocstrings/mkdocstrings/compare/0.28.1...0.28.2)

---
updated-dependencies:
- dependency-name: mkdocstrings
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-07 17:23:09 +00:00
Alexander Myasoedov 06a7bbfd87 Merge pull request #151 from msoedov/dependabot/pip/pytest-8.3.5 
build(deps-dev): bump pytest from 8.3.4 to 8.3.5
 2025-03-06 23:12:28 +02:00
Alexander Myasoedov 50f3e52445 Merge pull request #150 from msoedov/dependabot/pip/jinja2-3.1.6 
build(deps): bump jinja2 from 3.1.5 to 3.1.6
 2025-03-06 23:12:21 +02:00
dependabot[bot] 2bd62c21be build(deps-dev): bump pytest from 8.3.4 to 8.3.5 
Bumps [pytest](https://github.com/pytest-dev/pytest) from 8.3.4 to 8.3.5.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/8.3.4...8.3.5)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-06 17:52:36 +00:00
dependabot[bot] d5d5dd48aa build(deps): bump jinja2 from 3.1.5 to 3.1.6 
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/3.1.5...3.1.6)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-06 17:52:09 +00:00
Alexander Myasoedov bb2437197a Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-05 19:39:08 +02:00
Alexander Myasoedov 51bb79aa6d feat(update docs): 2025-03-05 19:27:44 +02:00
Alexander Myasoedov 94f034fa9f Merge pull request #147 from msoedov/dependabot/pip/mkdocs-material-9.6.7 
build(deps-dev): bump mkdocs-material from 9.6.4 to 9.6.7
 2025-03-05 19:26:24 +02:00
Alexander Myasoedov f69de8720b Merge pull request #148 from msoedov/dependabot/pip/matplotlib-3.10.1 
build(deps): bump matplotlib from 3.10.0 to 3.10.1
 2025-03-05 19:26:14 +02:00
Alexander Myasoedov 7c9d83b1a7 fix(icon): 2025-03-05 19:25:45 +02:00
dependabot[bot] a9d4d671ba build(deps): bump matplotlib from 3.10.0 to 3.10.1 
Bumps [matplotlib](https://github.com/matplotlib/matplotlib) from 3.10.0 to 3.10.1.
- [Release notes](https://github.com/matplotlib/matplotlib/releases)
- [Commits](https://github.com/matplotlib/matplotlib/compare/v3.10.0...v3.10.1)

---
updated-dependencies:
- dependency-name: matplotlib
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-05 17:18:42 +00:00
dependabot[bot] 554a219535 build(deps-dev): bump mkdocs-material from 9.6.4 to 9.6.7 
Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.6.4 to 9.6.7.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.4...9.6.7)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-05 17:18:14 +00:00
Alexander Myasoedov 32e99006bf feat(update doc style): 2025-03-05 19:16:43 +02:00
Alexander Myasoedov 8c09d65687 fix(test 2nd link): 2025-03-05 18:56:21 +02:00
Alexander Myasoedov a2842755fa fix(revert demo): 2025-03-05 18:55:34 +02:00
Alexander Myasoedov b923f7fea5 fix(readme): 2025-03-05 18:53:17 +02:00
Alexander Myasoedov 7f30a8ff7a Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-05 18:49:00 +02:00
Alexander Myasoedov 909cbd69b4 feat(Readme update): 2025-03-05 18:48:52 +02:00
Alexander Myasoedov 4f0ebf180e Merge pull request #128 from msoedov/dependabot/pip/mypy-1.15.0 
build(deps-dev): bump mypy from 1.14.1 to 1.15.0
 2025-03-05 15:13:35 +02:00
dependabot[bot] 6be9673aa7 build(deps-dev): bump mypy from 1.14.1 to 1.15.0 
Bumps [mypy](https://github.com/python/mypy) from 1.14.1 to 1.15.0.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.14.1...v1.15.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-05 13:08:33 +00:00
Alexander Myasoedov bd9ed97d85 Merge pull request #146 from msoedov/dependabot/pip/termcolor-2.5.0 
build(deps): bump termcolor from 2.4.0 to 2.5.0
 2025-03-05 15:06:40 +02:00
dependabot[bot] 3c88a4d6ba build(deps): bump termcolor from 2.4.0 to 2.5.0 
Bumps [termcolor](https://github.com/termcolor/termcolor) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/termcolor/termcolor/releases)
- [Changelog](https://github.com/termcolor/termcolor/blob/main/CHANGES.md)
- [Commits](https://github.com/termcolor/termcolor/compare/2.4.0...2.5.0)

---
updated-dependencies:
- dependency-name: termcolor
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-04 17:36:34 +00:00
Alexander Myasoedov 2001eeb125 fix(init_banner): 2025-03-04 17:30:10 +02:00
Alexander Myasoedov a26b5dd448 feat(error handling in fuzzer): 2025-03-04 09:34:24 +02:00
Alexander Myasoedov 716a0f67f3 Merge branch 'main' of github.com:msoedov/agentic_security 2025-03-04 09:29:24 +02:00
Alexander Myasoedov c1bbf6b422 fix(error handling on verify): 2025-03-04 09:24:19 +02:00
Alexander Myasoedov 705fe21887 Merge pull request #144 from msoedov/dependabot/pip/fastapi-0.115.11 
build(deps): bump fastapi from 0.115.8 to 0.115.11
 2025-03-03 20:03:34 +02:00
dependabot[bot] 6505d29d36 build(deps): bump fastapi from 0.115.8 to 0.115.11 
Bumps [fastapi](https://github.com/fastapi/fastapi) from 0.115.8 to 0.115.11.
- [Release notes](https://github.com/fastapi/fastapi/releases)
- [Commits](https://github.com/fastapi/fastapi/compare/0.115.8...0.115.11)

---
updated-dependencies:
- dependency-name: fastapi
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-03 17:58:08 +00:00
Alexander Myasoedov 801a330e27 feat(add fe is_active logic): 2025-03-02 22:55:21 +02:00
Alexander Myasoedov 92cabf6483 feat(add is_active flag): 2025-03-02 22:47:12 +02:00
Alexander Myasoedov 38f1bd7450 fix(pc): 2025-03-02 20:12:12 +02:00
Alexander Myasoedov ead883eeed feat(add test_registry_accessibility): 2025-03-02 20:09:03 +02:00
Alexander Myasoedov 5a57b997e5 fix(pc): 2025-03-02 19:57:48 +02:00
Alexander Myasoedov a8516a2da3 refactor(deprecate models.schema): 2025-03-02 19:57:09 +02:00
Alexander Myasoedov cb3a9bcbc0 fix(pc): 2025-03-02 19:48:45 +02:00
Alexander Myasoedov 3b2f407f2d fix(fuzzer): 2025-03-02 19:46:32 +02:00
Alexander Myasoedov 4b0ecc70ca fix(fuzzer): 2025-03-02 19:41:10 +02:00
Alexander Myasoedov 59d77904dd feat(add process_prompt_batch): 2025-03-02 19:35:05 +02:00
Alexander Myasoedov a8dd608f06 feat(add t5 model for testing): 2025-03-02 19:13:48 +02:00
Alexander Myasoedov f8102d1ee9 refactor(generate_default_settings): 2025-03-02 19:05:23 +02:00
Alexander Myasoedov ad6e0dbbc8 feat(move banner): 2025-03-02 19:04:17 +02:00
Alexander Myasoedov 6a8cc9bb14 feat(update test markers): 2025-03-02 19:04:08 +02:00
Alexander Myasoedov 263a282f47 feat(update pytest options): 2025-03-02 19:03:53 +02:00
Alexander Myasoedov 181e39bcfb feat(add slow test pytest cfg): 2025-03-02 19:03:39 +02:00
Alexander Myasoedov ec4bb0b086 feat(add tests dir): 2025-03-02 18:37:38 +02:00
Alexander Myasoedov cfd621bd4f Merge pull request #141 from msoedov/dependabot/pip/inline-snapshot-0.20.3 
build(deps-dev): bump inline-snapshot from 0.20.1 to 0.20.3
 2025-02-28 20:25:54 +02:00
dependabot[bot] 072ce574ad build(deps-dev): bump inline-snapshot from 0.20.1 to 0.20.3 
Bumps [inline-snapshot](https://github.com/15r10nk/inline-snapshot) from 0.20.1 to 0.20.3.
- [Release notes](https://github.com/15r10nk/inline-snapshot/releases)
- [Changelog](https://github.com/15r10nk/inline-snapshot/blob/main/CHANGELOG.md)
- [Commits](https://github.com/15r10nk/inline-snapshot/compare/0.20.1...0.20.3)

---
updated-dependencies:
- dependency-name: inline-snapshot
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-02-28 18:11:00 +00:00
Alexander Myasoedov a63106686f feat(Add banner): 2025-02-28 19:32:40 +02:00
Alexander Myasoedov 3d14cc3719 Merge pull request #140 from arvinnick/issue-138 
caught the json exception and imitated another error which was above it
 2025-02-25 12:32:06 +02:00
arvinnick b152e78de3 caught the json exception and imitated another error which was above it 2025-02-25 10:15:24 +04:00
Alexander Myasoedov 7e458dbfc4 fix(ignore_errors = [KeyboardInterrupt]): 2025-02-24 19:55:12 +02:00
Alexander Myasoedov e12ef2d0db fix(linter): 2025-02-22 12:14:01 +02:00
Alexander Myasoedov ce3686e198 feat(add crew agent): 2025-02-22 12:13:43 +02:00
Alexander Myasoedov c79172b4df feat(add pydantic_ai): 2025-02-22 12:13:31 +02:00
Alexander Myasoedov e26d4ab841 feat(add agents module): 2025-02-22 12:13:18 +02:00
Alexander Myasoedov a377e82a24 fix(update operator py): 2025-02-21 23:06:04 +02:00
Alexander Myasoedov 126bf11b63 feat(add orjson): 2025-02-21 19:58:06 +02:00
Alexander Myasoedov 4b0b6987cb feat(add configurable network timeout): 2025-02-21 19:30:03 +02:00
Alexander Myasoedov 0ce4aac682 feat(add caching cfg): 2025-02-21 19:25:24 +02:00
Alexander Myasoedov c15ac38bec feat(add network.retry): 2025-02-21 19:17:45 +02:00
Alexander Myasoedov bf14877ef4 refactor(config->settings): 2025-02-21 19:16:51 +02:00
Alexander Myasoedov b8069b809a fix(E( 00.00 )): 2025-02-21 19:02:45 +02:00
Alexander Myasoedov 5c37e33069 feat( FastAPI(default_response_class=ORJSONResponse)): 2025-02-21 18:57:03 +02:00
Alexander Myasoedov 5bb5fafa89 Merge pull request #136 from maystrenk0/maystrenk0 
fix(add spec OpenRouter.ai to base.js)
 2025-02-21 15:34:07 +02:00
Oleksandr Maistrenko be85b21767 fix(add spec OpenRouter.ai to base.js) 2025-02-21 13:36:55 +02:00
Alexander Myasoedov 7e05716977 fix(typo): 2025-02-21 00:02:07 +02:00
Alexander Myasoedov 518cbf7fc3 feat(Update readme): 2025-02-21 00:01:10 +02:00
Alexander Myasoedov 1fdc1eb8de feat(fix linter): 2025-02-20 23:35:12 +02:00
Alexander Myasoedov ba67dd40ff fix(typo): 2025-02-20 23:32:58 +02:00
Alexander Myasoedov 3c75a24622 fix(fmt): 2025-02-20 23:31:25 +02:00
Alexander Myasoedov 60e6dd0a1a fix(empty value in secret expansion): 2025-02-20 23:31:06 +02:00
Alexander Myasoedov c97e43612b fix(linter): 2025-02-20 23:29:46 +02:00
Alexander Myasoedov 94638064d2 feat(bump 0.5.0): 2025-02-20 23:27:34 +02:00
Alexander Myasoedov 701c175469 feat(add $VAR expansion from config): 2025-02-20 23:26:49 +02:00
Alexander Myasoedov ba36dcd02f fix(disable logging): 2025-02-20 17:53:51 +02:00
Alexander Myasoedov 1ce59151f3 feat(add InMemorySecrets to fuzzer): 2025-02-20 16:24:52 +02:00
Alexander Myasoedov da50a48061 fix(imports): 2025-02-20 16:15:55 +02:00
Alexander Myasoedov a944083eea feat(add InMemorySecrets): 2025-02-20 16:15:34 +02:00
Alexander Myasoedov 130ef550df feat(update telemetry): 2025-02-20 16:05:34 +02:00
Alexander Myasoedov 3435d7e6bf feat(simplify lib by refactoring config): 2025-02-20 14:06:32 +02:00
Alexander Myasoedov ee3faab415 feat(update default config path): 2025-02-20 13:09:43 +02:00
Alexander Myasoedov 02255a251c fix(pre commit): 2025-02-17 20:31:13 +02:00
Alexander Myasoedov 15881af019 fix(.gitattributes ): 2025-02-17 20:24:02 +02:00
Alexander Myasoedov 458ebfe638 feat(add .gitattributes ): 2025-02-17 20:23:25 +02:00
Alexander Myasoedov 4ffca42e48 fix(csv file generation bug): 2025-02-17 20:21:47 +02:00
Alexander Myasoedov 653e9a7234 feat(update scan fe logic): 2025-02-17 19:48:06 +02:00
Alexander Myasoedov 3e1dd27f03 fix(add latency param): 2025-02-17 19:47:35 +02:00
Alexander Myasoedov a7f61af921 fix(2024->2025): 2025-02-17 19:47:14 +02:00
Alexander Myasoedov 4f560148ce feat(update theme, fix cdn link): 2025-02-17 19:46:52 +02:00
Alexander Myasoedov 51ff4d8372 fix(discord link): 2025-02-17 18:13:00 +02:00
Alexander Myasoedov c5c310743b fix(.pre-commit-config.yaml): 2025-02-17 18:07:37 +02:00
Alexander Myasoedov 3f83d84941 fix(static files proxing): 2025-02-17 18:02:15 +02:00
Alexander Myasoedov 99fc8cb2e7 fix(fix network error handling in fuzzer): 2025-02-17 18:01:38 +02:00
Alexander Myasoedov 46ef89355b feat(update handling of static files): 2025-02-17 17:58:28 +02:00
Alexander Myasoedov c481676941 feat(update markdown linter): 2025-02-17 17:58:08 +02:00
Alexander Myasoedov 298a0163d6 fix(isort): 2025-02-17 17:39:31 +02:00
Alexander Myasoedov f20d218a16 feat(add llm icons): 2025-02-17 17:38:20 +02:00
Alexander Myasoedov 214341dfbb fix(fix config bar): 2025-02-17 17:18:20 +02:00
Alexander Myasoedov a2fa412141 fix(end-of-file-fixer rule): 2025-02-17 16:03:06 +02:00
Alexander Myasoedov 18f97c7fc2 fix(file): 2025-02-17 16:01:12 +02:00
Alexander Myasoedov 544796ff60 Merge pull request #113 from Praveenk8051/feat/extension-with-sample-tests 
feat(operator): add agent testing functionality with endpoint
 2025-02-17 16:00:51 +02:00
Alexander Myasoedov b600e69aa1 Merge pull request #127 from Rumixyz/patch-1 
Create Vue CLI Setup
 2025-02-17 16:00:00 +02:00
Alexander Myasoedov c890b7caeb fix(pre commit): 2025-02-16 17:56:33 +02:00
Praveen 3842f90949 Merge branch 'msoedov:main' into feat/extension-with-sample-tests 2025-02-16 16:50:59 +01:00
Alexander Myasoedov 68cba92d49 Merge pull request #125 from Niharika0104/VueCLI 
Migration to VueCLI
 2025-02-16 17:40:37 +02:00
Praveenk8051 121d56495e style: streamline code formatting in operator.py for improved readability 2025-02-16 16:13:21 +01:00
Praveenk8051 a001a33f68 refactor: update type hints in AgentSpecification for improved clarity and consistency 2025-02-16 16:11:46 +01:00
Praveenk8051 1c6b8d96fb style: improve code formatting and consistency in operator.py 2025-02-16 15:56:16 +01:00
Praveenk8051 8cc4d79ddf fix: update type hints in OperatorToolBox for consistency 2025-02-16 15:53:13 +01:00
Praveenk8051 fa37cfe710 feat: enhance AgentSpecification and OperatorToolBox with optional typing and improved logging 2025-02-16 15:45:20 +01:00
Praveenk8051 9a2779517b Merge branch 'main' of https://github.com/Praveenk8051/agentic_security into feat/extension-with-sample-tests 2025-02-16 15:45:10 +01:00
Niharika Goulikar 5801dfee7e migration to vueCLi and css to tailwind css 3 done 2025-02-16 11:54:08 +00:00
Rumixyz e4545026e0 Create Vue CLI Setup 2025-02-16 15:21:12 +05:30
Alexander Myasoedov 98e58c9c49 fix(chmod +x changelog.sh): 2025-02-15 13:37:38 +02:00
Praveenk8051 4c0d89bf86 feat(operator): add agent testing functionality with endpoint verification 2025-01-30 07:46:32 +01:00
110 changed files with 47095 additions and 1339 deletions
Expand all files Collapse all files
.gitattributes
+3
View File
@@ -0,0 +1,3 @@
*.js linguist-detectable=false
*.html linguist-detectable=false
*.py linguist-detectable=true
.gitignore
+2
View File
@@ -16,3 +16,5 @@ garak_rest.json
inv/
scripts/
docx/
agentic_security.toml
/venv
.pre-commit-config.yaml
+16 -13
View File
@@ -46,20 +46,23 @@ repos:
- id: trailing-whitespace
types: [python]
- id: end-of-file-fixer
types: [python]
types: [file]
files: \.(py|js|vue)$
- repo: https://github.com/executablebooks/mdformat
rev: 0.7.17
hooks:
- id: mdformat
name: mdformat
entry: mdformat .
language_version: python3.11
# - repo: https://github.com/hadialqattan/pycln
# rev: v2.4.0
# - repo: https://github.com/executablebooks/mdformat
# rev: 0.7.22
# hooks:
# - id: pycln
# - id: mdformat
# name: mdformat
# entry: mdformat .
# language_version: python3.11
# files: "docs/.*\\.md$"
- repo: https://github.com/hadialqattan/pycln
rev: v2.5.0
hooks:
- id: pycln
- repo: https://github.com/isidentical/teyit
rev: 0.4.3
@@ -79,8 +82,8 @@ repos:
rev: v2.2.6
hooks:
- id: codespell
exclude: '^(third_party/)|(poetry.lock)'
exclude: '^(third_party/)|(poetry.lock)|(ui/package-lock.json)|(agentic_security/static/.*)'
args:
# if you've got a short variable name that's getting flagged, add it here
- -L bu,ro,te,ue,alo,hda,ois,nam,nams,ned,som,parm,setts,inout,warmup,bumb,nd,sie
- -L bu,ro,te,ue,alo,hda,ois,nam,nams,ned,som,parm,setts,inout,warmup,bumb,nd,sie,vEw
- --builtins clear,rare,informal,usage,code,names,en-GB_to_en-US
Readme.md
+52 -25
View File
@@ -1,37 +1,54 @@
<p align="center">
<h1 align="center">Agentic Security</h1>
<p align="center">
The open-source Agentic LLM Vulnerability Scanner
<br />
<br />
<h1 align="center">Agentic Security</h1>
<p align="center">
An open-source vulnerability scanner for Agent Workflows and Large Language Models (LLMs)<br />
Protecting AI systems from jailbreaks, fuzzing, and multimodal attacks.<br />
<a href="https://agentic-security.vercel.app">Explore the docs »</a> ·
<a href="https://github.com/msoedov/agentic_security/issues">Report a Bug »</a>
</p>
</p>
<p align="center">
<a href="https://github.com/msoedov/agentic_security/commits/main">
<img alt="GitHub Last Commit" src="https://img.shields.io/github/last-commit/msoedov/agentic_security?style=for-the-badge&logo=git&labelColor=000000&logoColor=FFFFFF&label=Last Commit&color=6A35FF" />
<img alt="GitHub Last Commit" src="https://img.shields.io/github/last-commit/msoedov/agentic_security?style=for-the-badge&logo=git&labelColor=000000&color=6A35FF" />
</a>
<a href="https://github.com/msoedov/agentic_security">
<img alt="GitHub Repo Size" src="https://img.shields.io/github/repo-size/msoedov/agentic_security?style=for-the-badge&logo=database&labelColor=000000&logoColor=FFFFFF&label=Repo Size&color=yellow" />
</a>
<img alt="GitHub Repo Size" src="https://img.shields.io/github/repo-size/msoedov/agentic_security?style=for-the-badge&logo=database&labelColor=000000&color=yellow" />
</a>
<a href="https://github.com/msoedov/agentic_security/blob/master/LICENSE">
<img alt="GitHub License" src="https://img.shields.io/github/license/msoedov/agentic_security?style=for-the-badge&logo=codeigniter&labelColor=000000&logoColor=FFFFFF&label=License&color=FFCC19" />
<img alt="GitHub License" src="https://img.shields.io/github/license/msoedov/agentic_security?style=for-the-badge&logo=codeigniter&labelColor=000000&color=FFCC19" />
</a>
<a href="https://pypi.org/project/agentic-security/">
<img alt="PyPI Version" src="https://img.shields.io/pypi/v/agentic-security?style=for-the-badge&logo=pypi&labelColor=000000&color=00CCFF" />
</a>
<a href="https://discord.gg/stw3DfZQ">
<img alt="Join Discord" src="https://img.shields.io/badge/Discord-Join%20Us-black?style=for-the-badge&logo=discord&labelColor=000000&color=DD55FF" />
</a>
<a href="https://discord.com/channels/1340010688764051499/1340010689309315247"><img alt="Join the community" src="https://img.shields.io/badge/Join%20the%20community-black.svg?style=for-the-badge&logo=lightning&labelColor=000000&logoColor=FFFFFF&label=&color=DD55FF&logoWidth=20" /></a>
</p>
## Features
- Multi modal attacks and vulnerability scanners🛠️
- Multi-Step/multi-round Jailbreaks 🌀
- Comprehensive fuzzing for any LLMs 🧪
- LLM API integration and stress testing 🛠️
- RL based attacks 📡
Note: Please be aware that Agentic Security is designed as a safety scanner tool and not a foolproof solution. It cannot guarantee complete protection against all possible threats.
Agentic Security equips you with powerful tools to safeguard LLMs against emerging threats. Here's what you can do:
- **Multimodal Attacks** 🖼️🎙️
Probe vulnerabilities across text, images, and audio inputs to ensure your LLM is robust against diverse threats.
- **Multi-Step Jailbreaks** 🌀
Simulate sophisticated, iterative attack sequences to uncover weaknesses in LLM safety mechanisms.
- **Comprehensive Fuzzing** 🧪
Stress-test any LLM with randomized inputs to identify edge cases and unexpected behaviors.
- **API Integration & Stress Testing** 🌐
Seamlessly connect to LLM APIs and push their limits with high-volume, real-world attack scenarios.
- **RL-Based Attacks** 📡
Leverage reinforcement learning to craft adaptive, intelligent probes that evolve with your models defenses.
> **Why It Matters**: These features help developers, researchers, and security teams proactively identify and mitigate risks in AI systems, ensuring safer and more reliable deployments.
## 📦 Installation
@@ -66,7 +83,7 @@ agentic_security --port=PORT --host=HOST
## UI 🧙
<img width="100%" alt="booking-screen" src="https://res.cloudinary.com/dq0w2rtm9/image/upload/v1736433557/z0bsyzhsqlgcr3w4ovwp.gif">
<img width="100%" alt="booking-screen" src="https://raw.githubusercontent.com/msoedov/agentic_security/refs/heads/main/docs/images/demo.gif">
## LLM kwargs
@@ -111,7 +128,7 @@ Init config
```shell
agentic_security init
2025-01-08 20:12:02.449 | INFO | agentic_security.lib:generate_default_cfg:324 - Default configuration generated successfully to agesec.toml.
2025-01-08 20:12:02.449 | INFO | agentic_security.lib:generate_default_settings:324 - Default configuration generated successfully to agesec.toml.
```
@@ -391,10 +408,15 @@ For more detailed information on how to use Agentic Security, including advanced
## Roadmap and Future Goals
- \[ \] Expand dataset variety
- \[ \] Introduce two new attack vectors
- \[ \] Develop initial attacker LLM
- \[ \] Complete integration of OWASP Top 10 classification
Were just getting started! Heres whats on the horizon:
- **RL-Powered Attacks**: An attacker LLM trained with reinforcement learning to dynamically evolve jailbreaks and outsmart defenses.
- **Massive Dataset Expansion**: Scaling to 100,000+ prompts across text, image, and audio modalities—curated for real-world threats.
- **Daily Attack Updates**: Fresh attack vectors delivered daily, keeping your scans ahead of the curve.
- **Community Modules**: A plug-and-play ecosystem where you can share and deploy custom probes, datasets, and integrations.
| Tool | Source | Integrated |
|-------------------------|-------------------------------------------------------------------------------|------------|
@@ -422,4 +444,9 @@ Before contributing, please read the contributing guidelines.
Agentic Security is released under the Apache License v2.
## 🚫 No Cryptocurrency Affiliation
Agentic Security is focused solely on AI security and has no affiliation with cryptocurrency projects, blockchain technologies, or related initiatives. Our mission is to advance the safety and reliability of AI systems—no tokens, no coins, just code.
## Contact us
agentic_security/__init__.py
+2 -2
View File
@@ -1,3 +1,3 @@
from .lib import AgenticSecurity
from .lib import SecurityScanner
__all__ = ["AgenticSecurity"]
__all__ = ["SecurityScanner"]
agentic_security/__main__.py
+6 -4
View File
@@ -5,7 +5,8 @@ import fire
import uvicorn
from agentic_security.app import app
from agentic_security.lib import AgenticSecurity
from agentic_security.lib import SecurityScanner
from agentic_security.misc.banner import init_banner
class CLI:
@@ -31,14 +32,14 @@ class CLI:
Run Agentic Security in CI mode.
"""
sys.path.append(os.path.dirname("."))
AgenticSecurity().entrypoint()
SecurityScanner().entrypoint()
def init(self, host: str = "0.0.0.0", port: int = 8718):
"""
Generate the default CI configuration file.
"""
sys.path.append(os.path.dirname("."))
AgenticSecurity().generate_default_cfg(host, port)
SecurityScanner().generate_default_settings(host, port)
i = init
@@ -47,7 +48,7 @@ class CLI:
List all available security checks.
"""
sys.path.append(os.path.dirname("."))
AgenticSecurity().list_checks()
SecurityScanner().list_checks()
def main():
@@ -61,4 +62,5 @@ def main():
if __name__ == "__main__":
init_banner()
main()
agentic_security/agents/__init__.py
View File
agentic_security/agents/operator_crew.py
+254
View File
@@ -0,0 +1,254 @@
import asyncio
import os
from typing import Any
import httpx
from crewai import Agent, Crew, Task
from crewai_tools import tool
from pydantic import BaseModel, ConfigDict, Field
# Assuming LLMSpec is defined elsewhere; placeholder import
from agentic_security.http_spec import LLMSpec
from agentic_security.logutils import logger
LLM_SPECS = [] # Populate with LLM spec strings if needed
# Configure logging
# Define AgentSpecification model
class AgentSpecification(BaseModel):
name: str | None = Field(None, description="Name of the LLM/agent")
version: str | None = Field(None, description="Version of the LLM/agent")
description: str | None = Field(None, description="Description of the LLM/agent")
capabilities: list[str] | None = Field(None, description="List of capabilities")
configuration: dict[str, Any] | None = Field(
None, description="Configuration settings"
)
endpoint: str | None = Field(None, description="Endpoint URL of the deployed agent")
model_config = ConfigDict(arbitrary_types_allowed=True)
# Define OperatorToolBox class (unchanged from original)
class OperatorToolBox:
def __init__(self, spec: AgentSpecification, datasets: list[dict[str, Any]]):
self.spec = spec
self.datasets = datasets
self.failures = []
self.llm_specs = [LLMSpec.from_string(spec) for spec in LLM_SPECS]
def get_spec(self) -> AgentSpecification:
return self.spec
def get_datasets(self) -> list[dict[str, Any]]:
return self.datasets
def validate(self) -> bool:
if not self.spec.name or not self.spec.version:
self.failures.append("Invalid specification: Name or version is missing.")
return False
if not self.datasets:
self.failures.append("No datasets provided.")
return False
return True
def stop(self) -> None:
logger.info("Stopping the toolbox...")
def run(self) -> None:
logger.info("Running the toolbox...")
def get_results(self) -> list[dict[str, Any]]:
return self.datasets
def get_failures(self) -> list[str]:
return self.failures
def run_operation(self, operation: str) -> str:
if operation not in ["dataset1", "dataset2", "dataset3"]:
self.failures.append(f"Operation '{operation}' failed: Dataset not found.")
return f"Operation '{operation}' failed: Dataset not found."
return f"Operation '{operation}' executed successfully."
async def test_llm_spec(self, llm_spec: LLMSpec, user_prompt: str) -> str:
try:
response = await llm_spec.verify()
response.raise_for_status()
logger.info(f"Verification succeeded for {llm_spec.url}")
test_response = await llm_spec.probe(user_prompt)
test_response.raise_for_status()
response_data = test_response.json()
return f"Test succeeded for {llm_spec.url}: {response_data}"
except httpx.HTTPStatusError as e:
self.failures.append(f"HTTP error occurred: {e}")
logger.error(f"Test failed for {llm_spec.url}: {e}")
return f"Test failed for {llm_spec.url}: {e}"
except Exception as e:
self.failures.append(f"An error occurred: {e}")
logger.error(f"Test failed for {llm_spec.url}: {e}")
return f"Test failed for {llm_spec.url}: {e}"
async def test_with_prompt(self, spec_index: int, user_prompt: str) -> str:
if not 0 <= spec_index < len(self.llm_specs):
return f"Invalid spec index: {spec_index}. Valid range is 0 to {len(self.llm_specs) - 1}"
llm_spec = self.llm_specs[spec_index]
return await self.test_llm_spec(llm_spec, user_prompt)
# Define CrewAI Tools
@tool("validate_toolbox")
def validate_toolbox(toolbox: OperatorToolBox) -> str:
"""Validate the toolbox configuration."""
is_valid = toolbox.validate()
return (
"ToolBox validation successful." if is_valid else "ToolBox validation failed."
)
@tool("execute_operation")
def execute_operation(toolbox: OperatorToolBox, operation: str) -> str:
"""Execute a dataset operation."""
return toolbox.run_operation(operation)
@tool("retrieve_results")
def retrieve_results(toolbox: OperatorToolBox) -> str:
"""Retrieve the results of operations."""
results = toolbox.get_results()
return (
f"Operation Results:\n{results}"
if results
else "No operations have been executed yet."
)
@tool("retrieve_failures")
def retrieve_failures(toolbox: OperatorToolBox) -> str:
"""Retrieve recorded failures."""
failures = toolbox.get_failures()
return f"Failures:\n{failures}" if failures else "No failures recorded."
@tool("list_llm_specs")
def list_llm_specs(toolbox: OperatorToolBox) -> str:
"""List available LLM specifications."""
spec_list = "\n".join(
f"{i}: {spec.url}" for i, spec in enumerate(toolbox.llm_specs)
)
return f"Available LLM Specs:\n{spec_list}"
@tool("test_llm_with_prompt")
async def test_llm_with_prompt(
toolbox: OperatorToolBox, spec_index: int, user_prompt: str
) -> str:
"""Test an LLM spec with a user prompt."""
return await toolbox.test_with_prompt(spec_index, user_prompt)
# Setup OperatorToolBox
spec = AgentSpecification(
name="DeepSeek Chat",
version="1.0",
description="A powerful language model",
capabilities=["text-generation", "question-answering"],
configuration={"max_tokens": 100},
)
toolbox = OperatorToolBox(
spec=spec, datasets=[{"id": "dataset1"}, {"id": "dataset2"}, {"id": "dataset3"}]
)
# Define CrewAI Agent
dataset_manager_agent = Agent(
role="Dataset Manager",
goal="Manage and operate the OperatorToolBox to validate configurations, run operations, and test LLMs.",
backstory="An expert in dataset management and LLM testing, designed to assist with toolbox operations.",
verbose=True,
llm="openai", # Using OpenAI-compatible API for DeepSeek; adjust if DeepSeek has a specific ID
tools=[
validate_toolbox,
execute_operation,
retrieve_results,
retrieve_failures,
list_llm_specs,
test_llm_with_prompt,
],
allow_delegation=False, # Single agent, no delegation needed
)
# Define Tasks
tasks = [
Task(
description="Validate the toolbox configuration.",
agent=dataset_manager_agent,
expected_output="A string indicating whether validation succeeded or failed.",
),
Task(
description="List available LLM specifications.",
agent=dataset_manager_agent,
expected_output="A string listing available LLM specs.",
),
Task(
description="Guide the user to test an LLM with the prompt: 'Tell me a short story about a robot'. Suggest listing specs first.",
agent=dataset_manager_agent,
expected_output="A string suggesting the user list specs and proceed with testing.",
),
]
# Define Crew
crew = Crew(
agents=[dataset_manager_agent],
tasks=tasks,
verbose=2, # Detailed logging
)
# Async wrapper to handle async tools
async def run_crew():
# Since CrewAI's process() is synchronous but our tool is async, we need to run it in an event loop
result = (
crew.kickoff()
) # Synchronous call; async tools are awaited internally by CrewAI
print("\nCrew Results:")
for task_result in result:
print(f"Task: {task_result.description}")
print(f"Output: {task_result.output}\n")
# Handle user interaction for LLM testing
print("Please select a spec index from the listed specs and confirm to proceed.")
user_input = (
input("Enter spec index and 'yes' to confirm (e.g., '0 yes'): ").strip().split()
)
if len(user_input) == 2 and user_input[1].lower() == "yes":
try:
spec_index = int(user_input[0])
user_prompt = "Tell me a short story about a robot"
# Create a new task for testing
test_task = Task(
description=f"Test LLM at index {spec_index} with prompt: '{user_prompt}'",
agent=dataset_manager_agent,
expected_output="A string with the test result from the LLM.",
)
test_crew = Crew(
agents=[dataset_manager_agent], tasks=[test_task], verbose=2
)
test_result = test_crew.kickoff()
print(f"Test Output: {test_result[0].output}\n")
except ValueError:
print("Invalid spec index provided.\n")
else:
print("Test canceled. Please provide a valid index and confirmation.\n")
# Ensure DeepSeek API key is set
os.environ["OPENAI_API_KEY"] = os.environ.get(
"DEEPSEEK_API_KEY", ""
) # CrewAI uses OPENAI_API_KEY
os.environ[
"OPENAI_MODEL_NAME"
] = "deepseek:chat" # Specify DeepSeek model (adjust if needed)
if __name__ == "__main__":
asyncio.run(run_crew())
agentic_security/agents/operator_pydantic.py
+234
View File
@@ -0,0 +1,234 @@
import asyncio
from typing import Any
import httpx
from pydantic import BaseModel, ConfigDict, Field
from pydantic_ai import Agent, RunContext, Tool
# Assuming LLMSpec is defined elsewhere; placeholder import
from agentic_security.http_spec import LLMSpec
from agentic_security.logutils import logger
LLM_SPECS = [] # Populate this list with LLM spec strings if needed
# Define AgentSpecification model
class AgentSpecification(BaseModel):
name: str | None = Field(None, description="Name of the LLM/agent")
version: str | None = Field(None, description="Version of the LLM/agent")
description: str | None = Field(None, description="Description of the LLM/agent")
capabilities: list[str] | None = Field(None, description="List of capabilities")
configuration: dict[str, Any] | None = Field(
None, description="Configuration settings"
)
endpoint: str | None = Field(None, description="Endpoint URL of the deployed agent")
model_config = ConfigDict(arbitrary_types_allowed=True)
# Define OperatorToolBox class
class OperatorToolBox:
def __init__(self, spec: AgentSpecification, datasets: list[dict[str, Any]]):
self.spec = spec
self.datasets = datasets
self.failures = []
self.llm_specs = [LLMSpec.from_string(spec) for spec in LLM_SPECS]
def get_spec(self) -> AgentSpecification:
return self.spec
def get_datasets(self) -> list[dict[str, Any]]:
return self.datasets
def validate(self) -> bool:
if not self.spec.name or not self.spec.version:
self.failures.append("Invalid specification: Name or version is missing.")
return False
if not self.datasets:
self.failures.append("No datasets provided.")
return False
return True
def stop(self) -> None:
logger.info("Stopping the toolbox...")
def run(self) -> None:
logger.info("Running the toolbox...")
def get_results(self) -> list[dict[str, Any]]:
return self.datasets
def get_failures(self) -> list[str]:
return self.failures
def run_operation(self, operation: str) -> str:
if operation not in ["dataset1", "dataset2", "dataset3"]:
self.failures.append(f"Operation '{operation}' failed: Dataset not found.")
return f"Operation '{operation}' failed: Dataset not found."
return f"Operation '{operation}' executed successfully."
async def test_llm_spec(self, llm_spec: LLMSpec, user_prompt: str) -> str:
try:
response = await llm_spec.verify()
response.raise_for_status()
logger.info(f"Verification succeeded for {llm_spec.url}")
test_response = await llm_spec.probe(user_prompt)
test_response.raise_for_status()
response_data = test_response.json()
return f"Test succeeded for {llm_spec.url}: {response_data}"
except httpx.HTTPStatusError as e:
self.failures.append(f"HTTP error occurred: {e}")
logger.error(f"Test failed for {llm_spec.url}: {e}")
return f"Test failed for {llm_spec.url}: {e}"
except Exception as e:
self.failures.append(f"An error occurred: {e}")
logger.error(f"Test failed for {llm_spec.url}: {e}")
return f"Test failed for {llm_spec.url}: {e}"
async def test_with_prompt(self, spec_index: int, user_prompt: str) -> str:
if not 0 <= spec_index < len(self.llm_specs):
return f"Invalid spec index: {spec_index}. Valid range is 0 to {len(self.llm_specs) - 1}"
llm_spec = self.llm_specs[spec_index]
return await self.test_llm_spec(llm_spec, user_prompt)
# Define the Agent
class DatasetManagerAgent(Agent):
model: str = "deepseek:chat"
system_prompt: str = (
"You are an AI agent managing an OperatorToolBox. You can validate the toolbox, run operations, "
"retrieve results or failures, list LLM specs, and test LLM specs with user prompts. "
"Use the provided tools to assist the user based on their request."
)
def __init__(self, toolbox: OperatorToolBox, **kwargs):
super().__init__(**kwargs)
self.toolbox = toolbox
# Define async tools within __init__
async def validate_toolbox(ctx: RunContext[Any]) -> str:
is_valid = self.toolbox.validate()
return (
"ToolBox validation successful."
if is_valid
else "ToolBox validation failed."
)
async def execute_operation(ctx: RunContext[Any], operation: str) -> str:
return self.toolbox.run_operation(operation)
async def retrieve_results(ctx: RunContext[Any]) -> str:
results = self.toolbox.get_results()
return (
f"Operation Results:\n{results}"
if results
else "No operations have been executed yet."
)
async def retrieve_failures(ctx: RunContext[Any]) -> str:
failures = self.toolbox.get_failures()
return f"Failures:\n{failures}" if failures else "No failures recorded."
async def list_llm_specs(ctx: RunContext[Any]) -> str:
spec_list = "\n".join(
f"{i}: {spec.url}" for i, spec in enumerate(self.toolbox.llm_specs)
)
return f"Available LLM Specs:\n{spec_list}"
async def test_llm_with_prompt(
ctx: RunContext[Any], spec_index: int, user_prompt: str
) -> str:
return await self.toolbox.test_with_prompt(spec_index, user_prompt)
# Register tools
self.tools = [
Tool(
name="validate_toolbox",
description="Validate the toolbox configuration.",
function=validate_toolbox,
),
Tool(
name="execute_operation",
description="Execute a dataset operation.",
function=execute_operation,
),
Tool(
name="retrieve_results",
description="Retrieve the results of operations.",
function=retrieve_results,
),
Tool(
name="retrieve_failures",
description="Retrieve recorded failures.",
function=retrieve_failures,
),
Tool(
name="list_llm_specs",
description="List available LLM specifications.",
function=list_llm_specs,
),
Tool(
name="test_llm_with_prompt",
description="Test an LLM spec with a user prompt.",
function=test_llm_with_prompt,
),
]
# Setup and run example
async def run_dataset_manager_agent_async():
# Initialize OperatorToolBox with AgentSpecification
spec = AgentSpecification(
name="DeepSeek Chat",
version="1.0",
description="A powerful language model",
capabilities=["text-generation", "question-answering"],
configuration={"max_tokens": 100},
)
toolbox = OperatorToolBox(
spec=spec, datasets=[{"id": "dataset1"}, {"id": "dataset2"}, {"id": "dataset3"}]
)
# Create the agent
agent = DatasetManagerAgent(toolbox=toolbox)
# Example prompts
prompts = [
"Validate the toolbox.",
"List available LLM specs.",
"I want to test an LLM with my prompt: 'Tell me a short story about a robot'. Which spec index should I use?",
]
for prompt in prompts:
result = await agent.run(prompt)
print(f"Prompt: {prompt}")
print(f"Response: {result}\n")
# Handle testing request
if "test an LLM with my prompt" in prompt:
print(
"Please select a spec index from the list above and confirm to proceed."
)
# Simulate user input (replace with real input in practice)
user_input = (
input("Enter spec index and 'yes' to confirm (e.g., '0 yes'): ")
.strip()
.split()
)
if len(user_input) == 2 and user_input[1].lower() == "yes":
try:
spec_index = int(user_input[0])
user_prompt = prompt.split("my prompt: ")[1].strip("'")
test_result = await agent.run(
f"Test LLM at index {spec_index} with prompt: {user_prompt}"
)
print(f"Test Response: {test_result}\n")
except ValueError:
print("Invalid spec index provided.\n")
else:
print("Test canceled. Please provide a valid index and confirmation.\n")
if __name__ == "__main__":
asyncio.run(run_dataset_manager_agent_async())
agentic_security/app.py
+2
View File
@@ -8,6 +8,7 @@ from .routes import (
report_router,
scan_router,
static_router,
telemetry,
)
# Create the FastAPI app
@@ -26,3 +27,4 @@ app.include_router(scan_router)
app.include_router(probe_router)
app.include_router(proxy_router)
app.include_router(report_router)
telemetry.setup(app)
agentic_security/config.py
+155
View File
@@ -0,0 +1,155 @@
from functools import lru_cache
import tomli
from agentic_security.logutils import logger
SETTINGS_VERSION = 1
@lru_cache(maxsize=1)
def settings_var(name: str, default=None):
return get_or_create_config().get_config_value(name, default)
@lru_cache(maxsize=1)
def get_or_create_config():
cfg = SettingsMixin()
cfg.get_or_create_config()
return cfg
class SettingsMixin:
config = {}
default_path = "agentic_security.toml"
def get_or_create_config(self) -> bool:
if not self.has_local_config():
self.generate_default_settings()
return False
self.load_config(self.default_path)
settings_version = self.get_config_value("general.version")
if settings_version and settings_version != SETTINGS_VERSION:
logger.error(
f"Configuration version mismatch: expected {SETTINGS_VERSION}, got {settings_version}."
)
return False
return True
def has_local_config(self):
try:
with open(self.default_path):
return True
except FileNotFoundError:
return False
@classmethod
def load_config(cls, config_path: str):
"""
Load configuration from a TOML file and store it in the class variable.
Args:
config_path (str): Path to the TOML configuration file.
Raises:
FileNotFoundError: If the configuration file is not found.
toml.TomlDecodeError: If the configuration file has syntax errors.
"""
try:
with open(config_path, "rb") as config_file:
cls.config = tomli.load(config_file)
logger.info(f"Configuration loaded successfully from {config_path}.")
except FileNotFoundError:
logger.error(f"Configuration file {config_path} not found.")
raise
except Exception as e:
logger.error(f"Error parsing TOML configuration: {e}")
raise
@classmethod
def get_config_value(cls, key: str, default=None):
"""
Retrieve a configuration value by key from the loaded configuration.
Args:
key (str): Dot-separated key path to the configuration value (e.g., 'general.maxBudget').
default: Default value if the key is not found.
Returns:
The configuration value if found, otherwise the default value.
"""
keys = key.split(".")
value = cls.config
for k in keys:
if isinstance(value, dict) and k in value:
value = value[k]
else:
return default
return value
def generate_default_settings(self, host: str = "0.0.0.0", port: int = 8718):
# Accept host / port as parameters
with open(self.default_path, "w") as f:
f.write(
"""
[general]
# General configuration for the security scan
llmSpec = \"""
POST http://$HOST:$PORT/v1/self-probe
Authorization: Bearer XXXXX
Content-Type: application/json
{
"prompt": "<<PROMPT>>"
}
\""" # LLM API specification
maxBudget = 1000000 # Maximum budget for the scan
max_th = 0.3 # Maximum failure threshold (percentage)
optimize = false # Enable optimization during scanning
enableMultiStepAttack = false # Enable multi-step attack simulations
version = $SETTINGS_VERSION
# [modules.LLM-Jailbreak-Classifier]
# dataset_name = "markush1/LLM-Jailbreak-Classifier"
[modules.aya-23-8B_advbench_jailbreak]
dataset_name = "simonycl/aya-23-8B_advbench_jailbreak"
[modules.AgenticBackend]
dataset_name = "AgenticBackend"
[modules.AgenticBackend.opts]
port = $PORT
modules = ["encoding"]
[thresholds]
# Threshold settings
low = 0.15
medium = 0.3
high = 0.5
[secrets]
# Secrets for the security scan from environment variables
OPENAI_API_KEY = "$OPENAI_API_KEY"
DEEPSEEK_API_KEY = "$DEEPSEEK_API_KEY"
[caching]
enable = true
cache_size = 10000
use_disk_cache = false
[network]
retry = 3
timeout_connect = 30
timeout_response = 90
""".replace(
"$HOST", host
)
.replace("$PORT", str(port))
.replace("$SETTINGS_VERSION", str(SETTINGS_VERSION))
)
logger.info(
f"Default configuration generated successfully to {self.default_path}."
)
agentic_security/core/app.py
+27 -3
View File
@@ -1,15 +1,22 @@
import os
from asyncio import Event, Queue
from fastapi import FastAPI
from fastapi.responses import ORJSONResponse
from agentic_security.http_spec import LLMSpec
tools_inbox: Queue = Queue()
stop_event: Event = Event()
current_run: str = {"spec": "", "id": ""}
_secrets: dict[str, str] = {}
current_run: dict[str, int | LLMSpec] = {"spec": "", "id": ""}
def create_app() -> FastAPI:
"""Create and configure the FastAPI application."""
app = FastAPI()
app = FastAPI(default_response_class=ORJSONResponse)
return app
@@ -23,13 +30,30 @@ def get_stop_event() -> Event:
return stop_event
def get_current_run() -> str:
def get_current_run() -> dict[str, int | LLMSpec]:
"""Get the current run id."""
return current_run
def set_current_run(spec):
def set_current_run(spec: LLMSpec) -> dict[str, int | LLMSpec]:
"""Set the current run id."""
current_run["id"] = hash(id(spec))
current_run["spec"] = spec
return current_run
def get_secrets() -> dict[str, str]:
return _secrets
def set_secrets(secrets: dict[str, str]) -> dict[str, str]:
_secrets.update(secrets)
expand_secrets(_secrets)
return _secrets
def expand_secrets(secrets: dict[str, str]) -> None:
for key in secrets:
val = secrets[key]
if val.startswith("$"):
secrets[key] = os.getenv(val.strip("$"))
agentic_security/core/logging.py
+2 -23
View File
@@ -1,26 +1,5 @@
from logging import config
from agentic_security.logutils import set_log_level_to_info
def setup_logging():
config.dictConfig(
{
"version": 1,
"disable_existing_loggers": True,
"handlers": {
"console": {
"class": "logging.StreamHandler",
},
},
"root": {
"handlers": ["console"],
"level": "INFO",
},
"loggers": {
"uvicorn.access": {
"level": "ERROR", # Set higher log level to suppress info logs globally
"handlers": ["console"],
"propagate": False,
}
},
}
)
return set_log_level_to_info()
agentic_security/core/test_app.py
+29
View File
@@ -0,0 +1,29 @@
import os
import pytest
from agentic_security.core.app import expand_secrets
@pytest.fixture(autouse=True)
def setup_env_vars():
# Set up environment variables for testing
os.environ["TEST_ENV_VAR"] = "test_value"
def test_expand_secrets_with_env_var():
secrets = {"secret_key": "$TEST_ENV_VAR"}
expand_secrets(secrets)
assert secrets["secret_key"] == "test_value"
def test_expand_secrets_without_env_var():
secrets = {"secret_key": "$NON_EXISTENT_VAR"}
expand_secrets(secrets)
assert secrets["secret_key"] is None
def test_expand_secrets_without_dollar_sign():
secrets = {"secret_key": "plain_value"}
expand_secrets(secrets)
assert secrets["secret_key"] == "plain_value"
agentic_security/dependencies.py
+27
View File
@@ -0,0 +1,27 @@
from agentic_security.config import get_or_create_config
from agentic_security.core.app import set_secrets
class InMemorySecrets:
def __init__(self):
config = get_or_create_config()
self.secrets = config.get_config_value("secrets", {})
set_secrets(self.secrets)
def set_secret(self, key: str, value: str):
self.secrets[key] = value
def get_secret(self, key: str) -> str:
return self.secrets.get(key, None)
# Dependency
def get_in_memory_secrets() -> InMemorySecrets:
return InMemorySecrets()
# Example usage in a FastAPI route
# @app.get("/some-endpoint")
# async def some_endpoint(secrets: InMemorySecrets = Depends(get_in_memory_secrets)):
# # Use secrets here
# pass
agentic_security/http_spec.py
+35 -5
View File
@@ -1,9 +1,12 @@
import base64
from enum import Enum
from urllib.parse import urlparse
import httpx
from pydantic import BaseModel
from agentic_security.config import settings_var
class Modality(Enum):
TEXT = 0
@@ -28,7 +31,7 @@ def encode_audio_base64_by_url(url: str) -> str:
class InvalidHTTPSpecError(Exception):
...
pass
class LLMSpec(BaseModel):
@@ -47,14 +50,21 @@ class LLMSpec(BaseModel):
except Exception as e:
raise InvalidHTTPSpecError(f"Failed to parse HTTP spec: {e}") from e
def timeout(self):
return (
settings_var("network.timeout_connect", 30),
settings_var("network.timeout_response", 90),
)
async def _probe_with_files(self, files):
async with httpx.AsyncClient() as client:
transport = httpx.AsyncHTTPTransport(retries=settings_var("network.retry", 3))
async with httpx.AsyncClient(transport=transport) as client:
response = await client.request(
method=self.method,
url=self.url,
headers=self.headers,
files=files,
timeout=(30, 90),
timeout=self.timeout(),
)
return response
@@ -90,13 +100,15 @@ class LLMSpec(BaseModel):
content = self.body.replace("<<PROMPT>>", escape_special_chars_for_json(prompt))
content = content.replace("<<BASE64_IMAGE>>", encoded_image)
content = content.replace("<<BASE64_AUDIO>>", encoded_audio)
async with httpx.AsyncClient() as client:
transport = httpx.AsyncHTTPTransport(retries=settings_var("network.retry", 3))
async with httpx.AsyncClient(transport=transport) as client:
response = await client.request(
method=self.method,
url=self.url,
headers=self.headers,
content=content,
timeout=(30, 90),
timeout=self.timeout(),
)
return response
@@ -138,6 +150,9 @@ def parse_http_spec(http_spec: str) -> LLMSpec:
Returns:
LLMSpec: An object representing the parsed HTTP specification, with attributes for the method, URL, headers, and body.
"""
from agentic_security.core.app import get_secrets
secrets = get_secrets()
# Split the spec by lines
lines = http_spec.strip().split("\n")
@@ -145,6 +160,14 @@ def parse_http_spec(http_spec: str) -> LLMSpec:
# Extract the method and URL from the first line
method, url = lines[0].split(" ")[0:2]
# Check url validity
valid_url = urlparse(url)
# if missing the correct formatting ://, urlparse.netloc will be empty
if valid_url.scheme not in ("http", "https") or not valid_url.netloc:
raise InvalidHTTPSpecError(
f"Invalid URL: {url}. Ensure it starts with 'http://' or 'https://'"
)
# Initialize headers and body
headers = {}
body = ""
@@ -164,6 +187,13 @@ def parse_http_spec(http_spec: str) -> LLMSpec:
has_files = "multipart/form-data" in headers.get("Content-Type", "")
has_image = "<<BASE64_IMAGE>>" in body
has_audio = "<<BASE64_AUDIO>>" in body
for key, value in secrets.items():
if not value:
continue
key = key.strip("$")
body = body.replace(f"${key}", value)
return LLMSpec(
method=method,
url=url,
agentic_security/lib.py
+5 -114
View File
@@ -3,14 +3,14 @@ import json
from datetime import datetime
import colorama
import tomli
import tqdm.asyncio
from loguru import logger
from rich.console import Console
from rich.table import Table
from tabulate import tabulate
from agentic_security.models.schemas import Scan
from agentic_security.config import SettingsMixin # Importing the configuration mixin
from agentic_security.logutils import logger
from agentic_security.primitives import Scan
from agentic_security.probe_data import REGISTRY
from agentic_security.routes.scan import streaming_response_generator
@@ -23,63 +23,7 @@ YELLOW = colorama.Fore.YELLOW
BLUE = colorama.Fore.BLUE
class CfgMixin:
config = {}
default_path = "agesec.toml"
def has_local_config(self):
try:
with open(self.default_path):
return True
except FileNotFoundError:
return False
@classmethod
def load_config(cls, config_path: str):
"""
Load configuration from a TOML file and store it in the class variable.
Args:
config_path (str): Path to the TOML configuration file.
Raises:
FileNotFoundError: If the configuration file is not found.
toml.TomlDecodeError: If the configuration file has syntax errors.
"""
try:
with open(config_path, "rb") as config_file:
cls.config = tomli.load(config_file)
logger.info(f"Configuration loaded successfully from {config_path}.")
except FileNotFoundError:
logger.error(f"Configuration file {config_path} not found.")
raise
except Exception as e:
logger.error(f"Error parsing TOML configuration: {e}")
raise
@classmethod
def get_config_value(cls, key: str, default=None):
"""
Retrieve a configuration value by key from the loaded configuration.
Args:
key (str): Dot-separated key path to the configuration value (e.g., 'general.maxBudget').
default: Default value if the key is not found.
Returns:
The configuration value if found, otherwise the default value.
"""
keys = key.split(".")
value = cls.config
for k in keys:
if isinstance(value, dict) and k in value:
value = value[k]
else:
return default
return value
class AgenticSecurity(CfgMixin):
class SecurityScanner(SettingsMixin):
@classmethod
async def async_scan(
cls,
@@ -258,7 +202,7 @@ class AgenticSecurity(CfgMixin):
self.load_config(self.default_path)
logger.info("Configuration loaded successfully.")
print(self.config)
datasets = list(self.get_config_value("modules").values())
datasets = list(self.get_config_value("modules", {}).values())
for d in datasets:
d["selected"] = True
self.scan(
@@ -272,59 +216,6 @@ class AgenticSecurity(CfgMixin):
),
)
def generate_default_cfg(self, host: str = "0.0.0.0", port: int = 8718):
# Accept host / port as parameters
with open(self.default_path, "w") as f:
f.write(
"""
[general]
# General configuration for the security scan
llmSpec = \"""
POST http://$HOST:$PORT/v1/self-probe
Authorization: Bearer XXXXX
Content-Type: application/json
{
"prompt": "<<PROMPT>>"
}
\""" # LLM API specification
maxBudget = 1000000 # Maximum budget for the scan
max_th = 0.3 # Maximum failure threshold (percentage)
optimize = false # Enable optimization during scanning
enableMultiStepAttack = false # Enable multi-step attack simulations
# [modules.LLM-Jailbreak-Classifier]
# dataset_name = "markush1/LLM-Jailbreak-Classifier"
[modules.aya-23-8B_advbench_jailbreak]
dataset_name = "simonycl/aya-23-8B_advbench_jailbreak"
[modules.AgenticBackend]
dataset_name = "AgenticBackend"
[modules.AgenticBackend.opts]
port = $PORT
modules = ["encoding"]
[thresholds]
# Threshold settings
low = 0.15
medium = 0.3
high = 0.5
""".replace(
"$HOST", host
).replace(
"$PORT", str(port)
)
)
logger.info(
f"Default configuration generated successfully to {self.default_path}."
)
def list_checks(self):
"""
Print the REGISTRY contents as a table using the rich library.
agentic_security/logutils.py
+85
View File
@@ -0,0 +1,85 @@
# import sys
# from loguru import logger
# # Define custom colors
# BLUE = "#89CFF0"
# BROWN = "#8B4513" # Brown for DEBUG
# # Define custom log level colors
# logger.level("DEBUG", color=f"<fg {BROWN}>")
# logger.level("INFO", color=f"<fg {BLUE}>")
# # Define custom log format with aligned messages and colored levels
# LOG_FORMAT = (
# "<level>{level:<8}</level> " # Properly formatted and colored log level
# "<level>{message:<100}</level> " # Left-aligned message for readability
# "<cyan>{file.name}</cyan>:<cyan>{line}</cyan>" # File name and line number in cyan
# )
# # Remove default handlers and add a new one with custom formatting
# logger.remove()
# logger.add(sys.stdout, format=LOG_FORMAT, level="DEBUG", colorize=True)
import logging
import logging.config
from os import getenv
LOGGER_NAME = None
LOGGING_CONFIG = {
"version": 1,
"disable_existing_loggers": False,
"formatters": {
"rich": {"format": "%(message)s", "datefmt": "[%X]"},
},
"handlers": {
"rich": {
"class": "rich.logging.RichHandler",
"level": "INFO",
"formatter": "rich",
"show_time": False,
"rich_tracebacks": False,
"show_path": lambda: True if getenv("API_RUNTIME") == "dev" else False,
"tracebacks_show_locals": False,
},
},
"loggers": {
"": { # Root logger configuration
"level": "INFO",
"handlers": ["rich"],
"propagate": True,
},
},
}
def configure_logging():
# Apply the dictionary configuration
logging.config.dictConfig(LOGGING_CONFIG)
# Get and return the logger
logger = logging.getLogger(LOGGER_NAME)
return logger
logger: logging.Logger = configure_logging()
def set_log_level_to_debug():
logger = logging.getLogger(LOGGER_NAME)
logger.setLevel(logging.DEBUG)
# Update handler level as well
for handler in logger.handlers:
handler.setLevel(logging.DEBUG)
def set_log_level_to_info():
logger = logging.getLogger(LOGGER_NAME)
logger.setLevel(logging.INFO)
# Update handler level as well
for handler in logger.handlers:
handler.setLevel(logging.INFO)
# Set initial log level
set_log_level_to_info()
agentic_security/middleware/logging.py
+2 -1
View File
@@ -1,7 +1,8 @@
from fastapi import Request
from loguru import logger
from starlette.middleware.base import BaseHTTPMiddleware
from agentic_security.logutils import logger
class LogNon200ResponsesMiddleware(BaseHTTPMiddleware):
async def dispatch(self, request: Request, call_next):
agentic_security/misc/__init__.py
View File
agentic_security/misc/banner.py
+93
View File
@@ -0,0 +1,93 @@
from pyfiglet import Figlet, FontNotFound
from termcolor import colored
try:
from importlib.metadata import version
except ImportError:
from importlib_metadata import version
def generate_banner(
title: str = "Agentic Security",
font: str = "slant",
version: str = "v2.1.0",
tagline: str = "Proactive Threat Detection & Automated Security Protocols",
author: str = "Developed by: [Security Team]",
website: str = "Website: https://github.com/msoedov/agentic_security",
warning: str | None = "", # Using Optional for warning since it might be None
) -> str:
"""Generate a visually enhanced banner with dynamic width and borders."""
# Define the text elements
# Initialize Figlet with the specified font, fallback to default if not found
try:
f = Figlet(font=font)
except FontNotFound:
f = Figlet() # Fallback to default font
# Render the title text and calculate the maximum width of Figlet lines
banner_text = f.renderText(title)
banner_lines = banner_text.splitlines()
figlet_max_width = max(len(line) for line in banner_lines) if banner_lines else 0
# Create the details line and calculate its width
details_line = f"Version: {version} | {website}"
details_width = len(details_line)
# Calculate widths of other text elements
warning_width = len(warning)
tagline_width = len(tagline)
# Determine the overall maximum width for centering
overall_max_width = max(
figlet_max_width, warning_width, tagline_width, details_width
)
# Pad the Figlet lines to the overall maximum width
padded_banner_lines = [line.center(overall_max_width) for line in banner_lines]
# Define decorative characters and colors
decor_chars = ["", "", ""]
decor_colors = ["blue", "red", "yellow"]
# Create and color the content lines
content_lines = []
for line in padded_banner_lines:
content_lines.append(colored(line, "blue"))
content_lines.append(colored(decor_chars[0] * overall_max_width, decor_colors[0]))
content_lines.append(
colored(warning.center(overall_max_width), "red", attrs=["blink", "bold"])
)
content_lines.append(colored(decor_chars[1] * overall_max_width, decor_colors[1]))
content_lines.append(colored(tagline.center(overall_max_width), "red"))
content_lines.append(colored(decor_chars[2] * overall_max_width, decor_colors[2]))
content_lines.append(colored(details_line.center(overall_max_width), "magenta"))
# Define border color and create top and bottom borders
border_color = "blue"
top_border = colored("" + "" * (overall_max_width + 2) + "", border_color)
bottom_border = colored("" + "" * (overall_max_width + 2) + "", border_color)
# Add side borders to each content line with padding
bordered_content = [
colored("", border_color) + line + colored("", border_color)
for line in content_lines
]
# Assemble the full banner
banner = top_border + "\n" + "\n".join(bordered_content) + "\n" + bottom_border
return banner
def init_banner():
return
ver = version("agentic_security")
try:
print(generate_banner(version=ver))
except Exception:
# UnicodeEncodeError with codec on some systems
pass
if __name__ == "__main__":
init_banner()
agentic_security/primitives/__init__.py
+11
View File
@@ -0,0 +1,11 @@
from agentic_security.primitives.models import ( # noqa
CompletionRequest,
FileProbeResponse,
LLMInfo,
Message,
Probe,
Scan,
ScanResult,
Settings,
Table,
)
agentic_security/models/schemas.py → agentic_security/primitives/models.py
+20
View File
@@ -23,6 +23,18 @@ class Scan(BaseModel):
enableMultiStepAttack: bool = False
# MSJ only mode
probe_datasets: list[dict] = []
# Set and managed by the backend
secrets: dict[str, str] = {}
def with_secrets(self, secrets) -> "Scan":
match secrets:
case dict():
self.secrets.update(secrets)
case obj if hasattr(obj, "secrets"):
self.secrets.update(obj.secrets)
case _:
raise ValueError("Invalid secrets type")
return self
class ScanResult(BaseModel):
@@ -32,6 +44,10 @@ class ScanResult(BaseModel):
progress: float
status: bool = False
failureRate: float = 0.0
prompt: str = ""
model: str = ""
refused: bool = False
latency: float = 0.0
@classmethod
def status_msg(cls, msg: str) -> str:
@@ -42,6 +58,10 @@ class ScanResult(BaseModel):
progress=0,
failureRate=0,
status=True,
prompt="",
model="",
refused=False,
latency=0,
).model_dump_json()
agentic_security/probe_actor/fuzzer.py
+270 -209
View File
@@ -1,15 +1,17 @@
import asyncio
import random
import time
from collections.abc import AsyncGenerator
from json import JSONDecodeError
import httpx
import pandas as pd
from loguru import logger
from skopt import Optimizer
from skopt.space import Real
from agentic_security.http_spec import Modality
from agentic_security.models.schemas import Scan, ScanResult
from agentic_security.logutils import logger
from agentic_security.primitives import Scan, ScanResult
from agentic_security.probe_actor.cost_module import calculate_cost
from agentic_security.probe_actor.refusal import refusal_heuristic
from agentic_security.probe_data import audio_generator, image_generator, msj_data
@@ -17,6 +19,12 @@ from agentic_security.probe_data.data import prepare_prompts
# TODO: full log file
MAX_PROMPT_LENGTH = 2048
BUDGET_MULTIPLIER = 100_000_000
INITIAL_OPTIMIZER_POINTS = 25
MIN_FAILURE_SAMPLES = 5
FAILURE_RATE_THRESHOLD = 0.5
async def generate_prompts(
prompts: list[str] | AsyncGenerator,
@@ -42,8 +50,11 @@ def multi_modality_spec(llm_spec):
async def process_prompt(
request_factory, prompt, tokens, module_name, refusals, errors
):
request_factory, prompt, tokens, module_name, refusals, errors, outputs
) -> tuple[int, bool]:
"""
Process a single prompt and update the token count and failure status.
"""
try:
response = await request_factory.fn(prompt=prompt)
if response.status_code == 422:
@@ -52,23 +63,59 @@ async def process_prompt(
return tokens, True
if response.status_code >= 400:
raise httpx.HTTPStatusError(
f"HTTP {response.status_code} {response.content=}",
request=response.request,
response=response,
)
logger.error(f"HTTP {response.status_code} {response.content=}")
errors.append((module_name, prompt, response.status_code, response.text))
return tokens, True
response_text = response.text
tokens += len(response_text.split())
if refusal_heuristic(response.json()):
refused = refusal_heuristic(response.json())
if refused:
refusals.append((module_name, prompt, response.status_code, response_text))
return tokens, True
return tokens, False
outputs.append((module_name, prompt, response_text, refused))
return tokens, refused
except httpx.RequestError as exc:
logger.error(f"Request error: {exc}")
errors.append((module_name, prompt, "?", str(exc)))
return tokens, True
except JSONDecodeError as json_decode_error:
logger.error(f"Jason error: {json_decode_error}")
errors.append((module_name, prompt, "?", str(json_decode_error)))
return tokens, True
async def process_prompt_batch(
request_factory,
prompts: list[str],
tokens: int,
module_name: str,
refusals,
errors,
outputs,
) -> tuple[int, int]:
tasks = [
process_prompt(
request_factory, p, tokens, module_name, refusals, errors, outputs
)
for p in prompts
]
results = await asyncio.gather(*tasks)
total_tokens = sum(r[0] for r in results)
failures = sum(1 for r in results if r[1])
return total_tokens, failures
async def with_error_handling(agen):
try:
async for t in agen:
yield t
except Exception as e:
logger.exception("Scan failed")
yield ScanResult.status_msg(f"Scan failed: {str(e)}")
finally:
yield ScanResult.status_msg("Scan completed.")
async def perform_single_shot_scan(
@@ -78,112 +125,123 @@ async def perform_single_shot_scan(
tools_inbox=None,
optimize=False,
stop_event: asyncio.Event = None,
secrets: dict[str, str] = {},
) -> AsyncGenerator[str, None]:
"""Perform a standard security scan."""
max_budget = max_budget * 100_000_000
max_budget = max_budget * BUDGET_MULTIPLIER
selected_datasets = [m for m in datasets if m["selected"]]
request_factory = multi_modality_spec(request_factory)
try:
yield ScanResult.status_msg("Loading datasets...")
prompt_modules = prepare_prompts(
dataset_names=[m["dataset_name"] for m in selected_datasets],
budget=max_budget,
tools_inbox=tools_inbox,
options=[m.get("opts", {}) for m in selected_datasets],
)
yield ScanResult.status_msg("Datasets loaded. Starting scan...")
yield ScanResult.status_msg("Loading datasets...")
prompt_modules = prepare_prompts(
dataset_names=[m["dataset_name"] for m in selected_datasets],
budget=max_budget,
tools_inbox=tools_inbox,
options=[m.get("opts", {}) for m in selected_datasets],
)
yield ScanResult.status_msg("Datasets loaded. Starting scan...")
errors = []
refusals = []
total_prompts = sum(len(m.prompts) for m in prompt_modules if not m.lazy)
processed_prompts = 0
errors = []
refusals = []
outputs = []
total_prompts = sum(len(m.prompts) for m in prompt_modules if not m.lazy)
processed_prompts = 0
optimizer = (
Optimizer([Real(0, 1)], base_estimator="GP", n_initial_points=25)
if optimize
else None
)
failure_rates = []
optimizer = (
Optimizer([Real(0, 1)], base_estimator="GP", n_initial_points=25)
if optimize
else None
)
failure_rates = []
total_tokens = 0
total_tokens = 0
tokens = 0
should_stop = False
for module in prompt_modules:
if should_stop:
break
tokens = 0
should_stop = False
for module in prompt_modules:
if should_stop:
break
tokens = 0
module_failures = 0
module_size = 0 if module.lazy else len(module.prompts)
logger.info(f"Scanning {module.dataset_name} {module_size}")
module_failures = 0
module_size = 0 if module.lazy else len(module.prompts)
logger.info(f"Scanning {module.dataset_name} {module_size}")
module_prompts = 0 # Reset for each module
async for prompt in generate_prompts(module.prompts):
if stop_event and stop_event.is_set():
stop_event.clear()
logger.info("Scan stopped by user.")
yield ScanResult.status_msg("Scan stopped by user.")
return
async for prompt in generate_prompts(module.prompts):
if stop_event and stop_event.is_set():
stop_event.clear()
logger.info("Scan stopped by user.")
yield ScanResult.status_msg("Scan stopped by user.")
return
processed_prompts += 1
progress = (
100 * processed_prompts / total_prompts if total_prompts else 0
)
total_tokens -= tokens
tokens, failed = await process_prompt(
request_factory,
prompt,
tokens,
module.dataset_name,
refusals,
errors,
)
total_tokens += tokens
# logger.debug(f"Trying prompt: {prompt}, {failed=}")
if failed:
module_failures += 1
failure_rate = module_failures / max(processed_prompts, 1)
failure_rates.append(failure_rate)
cost = calculate_cost(tokens)
processed_prompts += 1
module_prompts += 1 # Fixed increment syntax
# Calculate progress based on total processed prompts
progress = 100 * processed_prompts / total_prompts if total_prompts else 0
progress = progress % 100
yield ScanResult(
module=module.dataset_name,
tokens=round(tokens / 1000, 1),
cost=cost,
progress=round(progress, 2),
failureRate=round(failure_rate * 100, 2),
).model_dump_json()
total_tokens -= tokens
start = time.time()
tokens, failed = await process_prompt(
request_factory,
prompt,
tokens,
module.dataset_name,
refusals,
errors,
outputs,
)
end = time.time()
total_tokens += tokens
if optimize and len(failure_rates) >= 5:
next_point = optimizer.ask()
optimizer.tell(next_point, -failure_rate)
best_failure_rate = -optimizer.get_result().fun
if best_failure_rate > 0.5:
yield ScanResult.status_msg(
f"High failure rate detected ({best_failure_rate:.2%}). Stopping this module..."
)
should_stop = True
break
if total_tokens > max_budget:
logger.info(
f"Scan ran out of budget and stopped. {total_tokens=} {max_budget=}"
)
if failed:
module_failures += 1
failure_rate = module_failures / max(module_prompts, 1)
failure_rates.append(failure_rate)
cost = calculate_cost(tokens)
last_output = outputs[-1] if outputs else None
if last_output and last_output[1] == prompt:
response_text = last_output[2]
else:
response_text = ""
yield ScanResult(
module=module.dataset_name,
tokens=round(tokens / 1000, 1),
cost=cost,
progress=round(progress, 2),
failureRate=round(failure_rate * 100, 2),
prompt=prompt[:MAX_PROMPT_LENGTH],
latency=end - start,
model=response_text,
).model_dump_json()
if optimize and len(failure_rates) >= 5:
next_point = optimizer.ask()
optimizer.tell(next_point, -failure_rate)
best_failure_rate = -optimizer.get_result().fun
if best_failure_rate > 0.5:
yield ScanResult.status_msg(
f"Scan ran out of budget and stopped. {total_tokens=} {max_budget=}"
f"High failure rate detected ({best_failure_rate:.2%}). Stopping this module..."
)
should_stop = True
break
if total_tokens > max_budget:
logger.info(
f"Scan ran out of budget and stopped. {total_tokens=} {max_budget=}"
)
yield ScanResult.status_msg(
f"Scan ran out of budget and stopped. {total_tokens=} {max_budget=}"
)
should_stop = True
break
yield ScanResult.status_msg("Scan completed.")
yield ScanResult.status_msg("Scan completed.")
failure_data = errors + refusals
df = pd.DataFrame(
failure_data, columns=["module", "prompt", "status_code", "content"]
)
df.to_csv("failures.csv", index=False)
except Exception as e:
logger.exception("Scan failed")
yield ScanResult.status_msg(f"Scan failed: {str(e)}")
raise e
failure_data = errors + refusals
df = pd.DataFrame(
failure_data, columns=["module", "prompt", "status_code", "content"]
)
df.to_csv("failures.csv", index=False)
async def perform_many_shot_scan(
@@ -196,114 +254,111 @@ async def perform_many_shot_scan(
stop_event: asyncio.Event = None,
probe_frequency: float = 0.2,
max_ctx_length: int = 10_000,
secrets: dict[str, str] = {},
) -> AsyncGenerator[str, None]:
"""Perform a multi-step security scan with probe injection."""
request_factory = multi_modality_spec(request_factory)
try:
# Load main and probe datasets
yield ScanResult.status_msg("Loading datasets...")
prompt_modules = prepare_prompts(
dataset_names=[m["dataset_name"] for m in datasets if m["selected"]],
budget=max_budget,
tools_inbox=tools_inbox,
)
yield ScanResult.status_msg("Loading datasets for MSJ...")
msj_modules = msj_data.prepare_prompts(probe_datasets)
yield ScanResult.status_msg("Datasets loaded. Starting scan...")
# Load main and probe datasets
yield ScanResult.status_msg("Loading datasets...")
prompt_modules = prepare_prompts(
dataset_names=[m["dataset_name"] for m in datasets if m["selected"]],
budget=max_budget,
tools_inbox=tools_inbox,
)
yield ScanResult.status_msg("Loading datasets for MSJ...")
msj_modules = msj_data.prepare_prompts(probe_datasets)
yield ScanResult.status_msg("Datasets loaded. Starting scan...")
errors = []
refusals = []
total_prompts = sum(len(m.prompts) for m in prompt_modules if not m.lazy)
processed_prompts = 0
errors = []
refusals = []
outputs = []
total_prompts = sum(len(m.prompts) for m in prompt_modules if not m.lazy)
processed_prompts = 0
optimizer = (
Optimizer([Real(0, 1)], base_estimator="GP", n_initial_points=25)
if optimize
else None
)
failure_rates = []
optimizer = (
Optimizer([Real(0, 1)], base_estimator="GP", n_initial_points=25)
if optimize
else None
)
failure_rates = []
for module in prompt_modules:
module_failures = 0
module_size = 0 if module.lazy else len(module.prompts)
logger.info(f"Scanning {module.dataset_name} {module_size}")
for module in prompt_modules:
module_failures = 0
module_size = 0 if module.lazy else len(module.prompts)
logger.info(f"Scanning {module.dataset_name} {module_size}")
async for prompt in generate_prompts(module.prompts):
if stop_event and stop_event.is_set():
stop_event.clear()
logger.info("Scan stopped by user.")
yield ScanResult.status_msg("Scan stopped by user.")
return
tokens = 0
processed_prompts += 1
progress = (
100 * processed_prompts / total_prompts if total_prompts else 0
async for prompt in generate_prompts(module.prompts):
if stop_event and stop_event.is_set():
stop_event.clear()
logger.info("Scan stopped by user.")
yield ScanResult.status_msg("Scan stopped by user.")
return
tokens = 0
processed_prompts += 1
progress = 100 * processed_prompts / total_prompts if total_prompts else 0
progress = progress % 100
full_prompt = ""
msj_module = random.choice(msj_modules)
prompt_tokens = len(full_prompt.split())
tokens += prompt_tokens
injected = False
for _ in range(20):
if injected:
break
m_prompt = random.choice(msj_module.prompts)
full_prompt += "\n" + m_prompt
if tokens > max_ctx_length:
full_prompt = "\n" + prompt
injected = True
tokens, failed = await process_prompt(
request_factory,
full_prompt,
tokens,
module.dataset_name,
refusals,
errors,
outputs,
)
if failed:
module_failures += 1
break
if injected:
break
full_prompt = ""
msj_module = random.choice(msj_modules)
failure_rate = module_failures / max(processed_prompts, 1)
failure_rates.append(failure_rate)
cost = calculate_cost(tokens)
prompt_tokens = len(full_prompt.split())
tokens += prompt_tokens
yield ScanResult(
module=module.dataset_name,
tokens=round(tokens / 1000, 1),
cost=cost,
progress=round(progress, 2),
failureRate=round(failure_rate * 100, 2),
prompt=prompt[:MAX_PROMPT_LENGTH],
).model_dump_json()
injected = False
for _ in range(20):
if injected:
break
m_prompt = random.choice(msj_module.prompts)
full_prompt += "\n" + m_prompt
if tokens > max_ctx_length:
full_prompt = "\n" + prompt
injected = True
tokens, failed = await process_prompt(
request_factory,
full_prompt,
tokens,
module.dataset_name,
refusals,
errors,
if optimize and len(failure_rates) >= 5:
next_point = optimizer.ask()
optimizer.tell(next_point, -failure_rate)
best_failure_rate = -optimizer.get_result().fun
if best_failure_rate > 0.5:
yield ScanResult.status_msg(
f"High failure rate detected ({best_failure_rate:.2%}). Stopping this module..."
)
if failed:
module_failures += 1
break
if injected:
break
break
failure_rate = module_failures / max(processed_prompts, 1)
failure_rates.append(failure_rate)
cost = calculate_cost(tokens)
yield ScanResult.status_msg("Scan completed.")
yield ScanResult(
module=module.dataset_name,
tokens=round(tokens / 1000, 1),
cost=cost,
progress=round(progress, 2),
failureRate=round(failure_rate * 100, 2),
).model_dump_json()
if optimize and len(failure_rates) >= 5:
next_point = optimizer.ask()
optimizer.tell(next_point, -failure_rate)
best_failure_rate = -optimizer.get_result().fun
if best_failure_rate > 0.5:
yield ScanResult.status_msg(
f"High failure rate detected ({best_failure_rate:.2%}). Stopping this module..."
)
break
yield ScanResult.status_msg("Scan completed.")
df = pd.DataFrame(
errors + refusals, columns=["module", "prompt", "status_code", "content"]
)
df.to_csv("failures.csv", index=False)
except Exception as e:
logger.exception("Scan failed")
yield ScanResult.status_msg(f"Scan failed: {str(e)}")
raise e
df = pd.DataFrame(
errors + refusals, columns=["module", "prompt", "status_code", "content"]
)
df.to_csv("failures.csv", index=False)
def scan_router(
@@ -313,21 +368,27 @@ def scan_router(
stop_event: asyncio.Event = None,
):
if scan_parameters.enableMultiStepAttack:
return perform_many_shot_scan(
request_factory=request_factory,
max_budget=scan_parameters.maxBudget,
datasets=scan_parameters.datasets,
probe_datasets=scan_parameters.probe_datasets,
tools_inbox=tools_inbox,
optimize=scan_parameters.optimize,
stop_event=stop_event,
return with_error_handling(
perform_many_shot_scan(
request_factory=request_factory,
max_budget=scan_parameters.maxBudget,
datasets=scan_parameters.datasets,
probe_datasets=scan_parameters.probe_datasets,
tools_inbox=tools_inbox,
optimize=scan_parameters.optimize,
stop_event=stop_event,
secrets=scan_parameters.secrets,
)
)
else:
return perform_single_shot_scan(
request_factory=request_factory,
max_budget=scan_parameters.maxBudget,
datasets=scan_parameters.datasets,
tools_inbox=tools_inbox,
optimize=scan_parameters.optimize,
stop_event=stop_event,
return with_error_handling(
perform_single_shot_scan(
request_factory=request_factory,
max_budget=scan_parameters.maxBudget,
datasets=scan_parameters.datasets,
tools_inbox=tools_inbox,
optimize=scan_parameters.optimize,
stop_event=stop_event,
secrets=scan_parameters.secrets,
)
)
agentic_security/probe_actor/operator.py
+94 -58
View File
@@ -1,9 +1,15 @@
import asyncio
from typing import Any
import httpx
from pydantic import BaseModel, Field
from pydantic_ai import Agent, RunContext
from agentic_security.http_spec import LLMSpec
from agentic_security.logutils import logger
LLM_SPECS = []
class AgentSpecification(BaseModel):
name: str | None = Field(None, description="Name of the LLM/agent")
@@ -13,14 +19,15 @@ class AgentSpecification(BaseModel):
configuration: dict[str, Any] | None = Field(
None, description="Configuration settings"
)
endpoint: str | None = Field(None, description="Endpoint URL of the deployed agent")
# Define the OperatorToolBox class
class OperatorToolBox:
def __init__(self, spec: AgentSpecification, datasets: list[dict[str, Any]]):
self.spec = spec
self.datasets = datasets
self.failures = []
self.llm_specs = [LLMSpec.from_string(spec) for spec in LLM_SPECS]
def get_spec(self) -> AgentSpecification:
return self.spec
@@ -29,7 +36,6 @@ class OperatorToolBox:
return self.datasets
def validate(self) -> bool:
# Validate the tool box based on the specification
if not self.spec.name or not self.spec.version:
self.failures.append("Invalid specification: Name or version is missing.")
return False
@@ -39,28 +45,51 @@ class OperatorToolBox:
return True
def stop(self) -> None:
# Stop the tool box
print("Stopping the toolbox...")
logger.info("Stopping the toolbox...")
def run(self) -> None:
# Run the tool box
print("Running the toolbox...")
logger.info("Running the toolbox...")
def get_results(self) -> list[dict[str, Any]]:
# Get the results
return self.datasets
def get_failures(self) -> list[str]:
# Handle failure
return self.failures
def run_operation(self, operation: str) -> str:
# Run an operation based on the specification
if operation not in ["dataset1", "dataset2", "dataset3"]:
self.failures.append(f"Operation '{operation}' failed: Dataset not found.")
return f"Operation '{operation}' failed: Dataset not found."
return f"Operation '{operation}' executed successfully."
async def test_llm_spec(self, llm_spec: LLMSpec, user_prompt: str) -> str:
try:
# Verify the spec
response = await llm_spec.verify()
response.raise_for_status()
logger.info(f"Verification succeeded for {llm_spec.url}")
# Run test with user prompt
test_response = await llm_spec.probe(user_prompt)
test_response.raise_for_status()
response_data = test_response.json()
return f"Test succeeded for {llm_spec.url}: {response_data}"
except httpx.HTTPStatusError as e:
self.failures.append(f"HTTP error occurred: {e}")
logger.error(f"Test failed for {llm_spec.url}: {e}")
return f"Test failed for {llm_spec.url}: {e}"
except Exception as e:
self.failures.append(f"An error occurred: {e}")
logger.error(f"Test failed for {llm_spec.url}: {e}")
return f"Test failed for {llm_spec.url}: {e}"
async def test_with_prompt(self, spec_index: int, user_prompt: str) -> str:
if not 0 <= spec_index < len(self.llm_specs):
return f"Invalid spec index: {spec_index}. Valid range is 0 to {len(self.llm_specs) - 1}"
llm_spec = self.llm_specs[spec_index]
return await self.test_llm_spec(llm_spec, user_prompt)
# Initialize OperatorToolBox with AgentSpecification
spec = AgentSpecification(
@@ -71,84 +100,67 @@ spec = AgentSpecification(
configuration={"max_tokens": 100},
)
# dataset_manager_agent.py
# Initialize OperatorToolBox
toolbox = OperatorToolBox(spec=spec, datasets=["dataset1", "dataset2", "dataset3"])
# Define the agent with OperatorToolBox as its dependency
dataset_manager_agent = Agent(
model="gpt-4",
deps_type=OperatorToolBox,
result_type=str, # The agent will return string results
system_prompt="You can validate the toolbox, run operations, and retrieve results or failures.",
result_type=str,
system_prompt="You can validate the toolbox, run operations, retrieve results or failures, and test LLM specs.",
)
@dataset_manager_agent.tool
async def validate_toolbox(ctx: RunContext[OperatorToolBox]) -> str:
"""Validate the OperatorToolBox."""
is_valid = ctx.deps.validate()
if is_valid:
return "ToolBox validation successful."
else:
return "ToolBox validation failed."
return (
"ToolBox validation successful." if is_valid else "ToolBox validation failed."
)
@dataset_manager_agent.tool
async def execute_operation(ctx: RunContext[OperatorToolBox], operation: str) -> str:
"""Execute an operation on a dataset."""
result = ctx.deps.run_operation(operation)
return result
return ctx.deps.run_operation(operation)
@dataset_manager_agent.tool
async def retrieve_results(ctx: RunContext[OperatorToolBox]) -> str:
"""Retrieve the results of operations."""
results = ctx.deps.get_results()
if results:
formatted_results = "\n".join([f"{op}: {res}" for op, res in results.items()])
return f"Operation Results:\n{formatted_results}"
else:
return "No operations have been executed yet."
return (
f"Operation Results:\n{results}"
if results
else "No operations have been executed yet."
)
@dataset_manager_agent.tool
async def retrieve_failures(ctx: RunContext[OperatorToolBox]) -> str:
"""Retrieve the list of failures."""
failures = ctx.deps.get_failures()
if failures:
formatted_failures = "\n".join(failures)
return f"Failures:\n{formatted_failures}"
else:
return "No failures recorded."
return f"Failures:\n{failures}" if failures else "No failures recorded."
# Synchronous run example
def run_dataset_manager_agent_sync():
prompts = [
"Validate the toolbox.",
"Execute operation on 'dataset2'.",
"Execute operation on 'dataset4'.", # This should fail
"Retrieve the results.",
"Retrieve any failures.",
]
for prompt in prompts:
result = dataset_manager_agent.run_sync(prompt, deps=toolbox)
print(f"Prompt: {prompt}")
print(f"Response: {result.data}\n")
@dataset_manager_agent.tool
async def list_llm_specs(ctx: RunContext[OperatorToolBox]) -> str:
spec_list = "\n".join(
f"{i}: {spec.url}" for i, spec in enumerate(ctx.deps.llm_specs)
)
return f"Available LLM Specs:\n{spec_list}"
# Asynchronous run example
@dataset_manager_agent.tool
async def test_llm_with_prompt(
ctx: RunContext[OperatorToolBox], spec_index: int, user_prompt: str
) -> str:
return await ctx.deps.test_with_prompt(spec_index, user_prompt)
# Asynchronous run example with user confirmation
async def run_dataset_manager_agent_async():
prompts = [
"Validate the toolbox.",
"Execute operation on 'dataset2'.",
"Execute operation on 'dataset4'.", # This should fail
"Retrieve the results.",
"Retrieve any failures.",
"List available LLM specs.",
"I want to test an LLM with my prompt: 'Tell me a short story about a robot'. Which spec index should I use?",
]
for prompt in prompts:
@@ -156,10 +168,34 @@ async def run_dataset_manager_agent_async():
print(f"Prompt: {prompt}")
print(f"Response: {result.data}\n")
# Handle testing request
if "test an LLM with my prompt" in prompt:
print(
"Please select a spec index from the list above and confirm to proceed."
)
# Simulate user input for demo (in real app, you'd get this from user)
user_input = (
input("Enter spec index and 'yes' to confirm (e.g., '0 yes'): ")
.strip()
.split()
)
if len(user_input) == 2 and user_input[1].lower() == "yes":
try:
spec_index = int(user_input[0])
# Extract prompt from the original input
user_prompt = prompt.split("my prompt: ")[1].strip("'")
test_result = await dataset_manager_agent.run(
f"Test LLM at index {spec_index} with prompt: {user_prompt}",
deps=toolbox,
spec_index=spec_index,
user_prompt=user_prompt,
)
print(f"Test Response: {test_result.data}\n")
except ValueError:
print("Invalid spec index provided.\n")
else:
print("Test canceled. Please provide a valid index and confirmation.\n")
if __name__ == "__main__":
# Run synchronous example
run_dataset_manager_agent_sync()
# Run asynchronous example
asyncio.run(run_dataset_manager_agent_async())
agentic_security/probe_actor/refusal.py
+1 -1
View File
@@ -1,6 +1,6 @@
from abc import ABC, abstractmethod
from agentic_security.refusal_classifier import RefusalClassifier
from agentic_security.refusal_classifier.model import RefusalClassifier
classifier = RefusalClassifier()
classifier.load_model()
agentic_security/probe_data/__init__.py
+39
View File
@@ -5,6 +5,7 @@ REGISTRY_V0 = [
"dataset_name": "simonycl/aya-23-8B_advbench_jailbreak",
"num_prompts": 416,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -16,6 +17,7 @@ REGISTRY_V0 = [
"dataset_name": "acmc/jailbreaks_dataset_with_perplexity_bigcode_starcoder2-3b_bigcode_starcoder2-7b",
"num_prompts": 11191,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -27,6 +29,7 @@ REGISTRY_V0 = [
"dataset_name": "karanxa/dolphin-jailbreak-finetuning-dataset",
"num_prompts": 42684,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -38,6 +41,7 @@ REGISTRY_V0 = [
"dataset_name": "karanxa/llama-2-jailbreak-dataset",
"num_prompts": 40613,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -49,6 +53,7 @@ REGISTRY_V0 = [
"dataset_name": "karanxa/llama2-uncensored-jailbreak-dataset-finetuning",
"num_prompts": 42854,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -60,6 +65,7 @@ REGISTRY_V0 = [
"dataset_name": "liuyanchen1015/Llama-3.2-1B_jailbreak_responses",
"num_prompts": 9888,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -71,6 +77,7 @@ REGISTRY_V0 = [
"dataset_name": "liuyanchen1015/Llama-3.2-1B-Instruct_jailbreak_responses",
"num_prompts": 9888,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -82,6 +89,7 @@ REGISTRY_V0 = [
"dataset_name": "liuyanchen1015/Llama-3.2-1B-Instruct_jailbreak_responses_with_judgment",
"num_prompts": 9888,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -93,6 +101,7 @@ REGISTRY_V0 = [
"dataset_name": "jackhhao/jailbreak-classification",
"num_prompts": 1044,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -104,6 +113,7 @@ REGISTRY_V0 = [
"dataset_name": "markush1/LLM-Jailbreak-Classifier",
"num_prompts": 201193,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -115,6 +125,7 @@ REGISTRY_V0 = [
"dataset_name": "walledai/JailbreakBench",
"num_prompts": 200,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -126,6 +137,7 @@ REGISTRY_V0 = [
"dataset_name": "walledai/JailbreakHub",
"num_prompts": 15140,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -137,6 +149,7 @@ REGISTRY_V0 = [
"dataset_name": "Granther/evil-jailbreak",
"num_prompts": 1200,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -148,6 +161,7 @@ REGISTRY_V0 = [
"dataset_name": "sevdeawesome/jailbreak_success",
"num_prompts": 10800,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -159,6 +173,7 @@ REGISTRY_V0 = [
"dataset_name": "IDA-SERICS/Disaster-tweet-jailbreaking",
"num_prompts": 3000,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -170,6 +185,7 @@ REGISTRY_V0 = [
"dataset_name": "GeorgeDaDude/Jailbreak_Complete_DS_labeled",
"num_prompts": 11383,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -181,6 +197,7 @@ REGISTRY_V0 = [
"dataset_name": "dayone3nder/jailbreak_prompt_JBB_sft_trainset",
"num_prompts": 4785,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -192,6 +209,7 @@ REGISTRY_V0 = [
"dataset_name": "dayone3nder/general_safe_mix_jailbreak_prompt_JBB_trainset",
"num_prompts": 24679,
"tokens": None, # Add actual token count if available
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -206,6 +224,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "AgenticBackend",
"num_prompts": 2000,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Fine-tuned cloud hosted model",
"selected": True,
@@ -221,6 +240,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "ShawnMenz/DAN_jailbreak",
"num_prompts": 666,
"tokens": 224196,
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -232,6 +252,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "deepset/prompt-injections",
"num_prompts": 203,
"tokens": 6988,
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -243,6 +264,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "rubend18/ChatGPT-Jailbreak-Prompts",
"num_prompts": 79,
"tokens": 26971,
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -254,6 +276,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "notrichardren/refuse-to-answer-prompts",
"num_prompts": 522,
"tokens": 7172,
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -265,6 +288,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "Lemhf14/EasyJailbreak_Datasets",
"num_prompts": 1630,
"tokens": 19758,
"is_active": False,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -276,6 +300,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "markush1/LLM-Jailbreak-Classifier",
"num_prompts": 1119,
"tokens": 19758,
"is_active": True,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -287,6 +312,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "JailbreakV-28K/JailBreakV-28k",
"num_prompts": 28300,
"tokens": 1975800,
"is_active": False,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -298,6 +324,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "ShawnMenz/jailbreak_sft_rm_ds",
"num_prompts": 371000,
"tokens": 1975800,
"is_active": False,
"approx_cost": 0.0,
"source": "Hugging Face Datasets",
"selected": False,
@@ -309,6 +336,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "Steganography",
"num_prompts": 10,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Local mutation dataset",
"selected": False,
@@ -320,6 +348,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "GPT fuzzer",
"num_prompts": 10,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Local mutation dataset",
"selected": False,
@@ -331,6 +360,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "jailbreak_llms/2023_05_07",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Github",
"selected": False,
@@ -342,6 +372,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "jailbreak_llms/2023_12_25.csv",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Github",
"selected": False,
@@ -353,6 +384,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "Malwaregen",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Local dataset",
"selected": False,
@@ -364,6 +396,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "Hallucination",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Local dataset",
"selected": False,
@@ -375,6 +408,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "DataLeak",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Local dataset",
"selected": False,
@@ -386,6 +420,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "llm-adaptive-attacks",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Github: tml-epfl/llm-adaptive-attacks#0.0.1",
"selected": False,
@@ -397,6 +432,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "Garak",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Github: https://github.com/leondz/garak#v0.9.0.1",
"selected": False,
@@ -412,6 +448,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "Reinforcement Learning Optimization",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Cloud hosted model",
"selected": False,
@@ -427,6 +464,7 @@ REGISTRY = REGISTRY_V0 + [
"dataset_name": "InspectAI",
"num_prompts": 0,
"tokens": 0,
"is_active": True,
"approx_cost": 0.0,
"source": "Github: https://github.com/UKGovernmentBEIS/inspect_ai",
"selected": False,
@@ -439,6 +477,7 @@ REGISTRY = REGISTRY_V0 + [
"num_prompts": len(load_local_csv().prompts),
"tokens": load_local_csv().tokens,
"approx_cost": 0.0,
"is_active": True,
"source": f"Local file dataset: {load_local_csv().metadata['src']}",
"selected": len(load_local_csv().prompts),
"url": "",
agentic_security/probe_data/audio_generator.py
+29 -5
View File
@@ -1,4 +1,5 @@
import base64
import logging
import os
import platform
import subprocess
@@ -7,6 +8,16 @@ import uuid
import httpx
from cache_to_disk import cache_to_disk
# Configure logging
logging.basicConfig(level=logging.INFO)
logger = logging.getLogger(__name__)
class AudioGenerationError(Exception):
"""Custom exception for errors during audio generation."""
pass
def encode(content: bytes) -> str:
encoded_content = base64.b64encode(content).decode("utf-8")
@@ -41,12 +52,25 @@ def generate_audio_mac_wav(prompt: str) -> bytes:
# Read the WAV file into memory
with open(temp_wav_path, "rb") as f:
audio_bytes = f.read()
except subprocess.CalledProcessError as e:
logger.error(f"Subprocess error: {e}")
raise AudioGenerationError("Failed to generate or convert audio.") from e
except FileNotFoundError as e:
logger.error(f"File not found: {e}")
raise AudioGenerationError("Required file not found.") from e
except Exception as e:
logger.exception("Unexpected error occurred.")
raise AudioGenerationError(
"An unexpected error occurred during audio generation."
) from e
finally:
# Clean up the temporary files
if os.path.exists(temp_aiff_path):
os.remove(temp_aiff_path)
if os.path.exists(temp_wav_path):
os.remove(temp_wav_path)
for path in (temp_aiff_path, temp_wav_path):
try:
if os.path.exists(path):
os.remove(path)
except Exception as e:
logger.warning(f"Failed to delete temporary file {path}: {e}")
# Return the audio bytes
return audio_bytes
agentic_security/probe_data/data.py
+282 -391
View File
@@ -1,14 +1,15 @@
import io
import os
import random
from functools import lru_cache
from collections.abc import Callable, Iterator
from functools import partial
import httpx
import pandas as pd
from cache_to_disk import cache_to_disk
from datasets import load_dataset
from loguru import logger
from agentic_security.logutils import logger
from agentic_security.probe_data import stenography_fn
from agentic_security.probe_data.models import ProbeDataset
from agentic_security.probe_data.modules import (
@@ -19,281 +20,200 @@ from agentic_security.probe_data.modules import (
rl_model,
)
# Type aliases for clarity
FilterFn = Callable[[pd.Series], bool]
ColumnMappings = dict[str, str]
DatasetLoader = Callable[[], ProbeDataset]
@cache_to_disk()
def load_dataset_general(
dataset_name,
dataset_split="train",
column_mappings=None,
filter_fn=None,
custom_url=None,
additional_metadata=None,
):
"""
Generalized function to load datasets with flexible configurations.
:param dataset_name: Name of the dataset or URL for custom CSVs
:param dataset_split: Split to load from the dataset (e.g., "train")
:param column_mappings: Dictionary mapping dataset columns to expected keys, e.g., {'prompt': 'query'}
:param filter_fn: A filtering function that takes a row and returns True/False
:param custom_url: URL for custom CSV datasets
:param additional_metadata: Additional metadata to include in the ProbeDataset
:return: A ProbeDataset object with the processed data
"""
if custom_url:
logger.info(f"Loading custom CSV dataset from {custom_url}")
r = httpx.get(custom_url)
content = r.content
df = pd.read_csv(io.StringIO(content.decode("utf-8")))
else:
logger.info(f"Loading dataset {dataset_name} from Hugging Face datasets")
dataset = load_dataset(dataset_name)
df = pd.DataFrame(dataset[dataset_split])
# Core data loading utilities
def fetch_csv_content(url: str) -> str:
"""Fetch CSV content from a URL."""
response = httpx.get(url)
return response.content.decode("utf-8")
# Apply column mappings if provided
if column_mappings:
df.rename(columns=column_mappings, inplace=True)
# Filter rows if filter_fn is provided
def load_df_from_source(source: str, is_url: bool = False) -> pd.DataFrame:
"""Load DataFrame from either URL or Hugging Face dataset."""
if is_url:
logger.info(f"Loading custom CSV from {source}")
return pd.read_csv(io.StringIO(fetch_csv_content(source)))
logger.info(f"Loading dataset {source} from Hugging Face")
return pd.DataFrame(load_dataset(source)["train"])
def transform_df(
df: pd.DataFrame,
mappings: ColumnMappings | None = None,
filter_fn: FilterFn | None = None,
) -> pd.DataFrame:
"""Apply transformations to DataFrame."""
result = df.copy()
if mappings:
result.rename(columns=mappings, inplace=True)
if filter_fn:
df = df[df.apply(filter_fn, axis=1)]
# Extract prompts
prompts = df[column_mappings.get("prompt", "prompt")].tolist()
return ProbeDataset(
dataset_name=dataset_name,
metadata=additional_metadata or {},
prompts=prompts,
tokens=count_words_in_list(prompts),
approx_cost=0.0,
)
result = result[result.apply(filter_fn, axis=1)]
return result
def count_words_in_list(str_list):
"""Calculate the total number of words in a given list of strings.
:param str_list: List of strings
:return: Total number of words across all strings in the list
"""
total_words = sum(len(str(s).split()) for s in str_list)
return total_words
@cache_to_disk()
def load_dataset_v1():
return load_dataset_general(
dataset_name="ShawnMenz/DAN_jailbreak",
column_mappings={"prompt": "prompt", "jailbreak": "jailbreak"},
filter_fn=lambda row: row["jailbreak"],
)
@cache_to_disk()
def load_dataset_v2():
return load_dataset_general(
dataset_name="deepset/prompt-injections",
column_mappings={"prompt": "text", "jailbreak": "label"},
filter_fn=lambda row: row["label"],
)
@cache_to_disk()
def load_dataset_v4():
return load_dataset_general(
dataset_name="notrichardren/refuse-to-answer-prompts",
column_mappings={"prompt": "claim", "jailbreak": "label"},
filter_fn=lambda row: row["label"],
)
@cache_to_disk()
def load_dataset_v3():
return load_dataset_general(
dataset_name="rubend18/ChatGPT-Jailbreak-Prompts",
column_mappings={"prompt": "Prompt"},
filter_fn=lambda row: row["label"],
)
@cache_to_disk()
def load_dataset_v6():
dataset = load_dataset("markush1/LLM-Jailbreak-Classifier")
bad_prompts = [
p
for p, c in zip(dataset["train"]["prompt"], dataset["train"]["classification"])
if c == "jailbreak"
]
return ProbeDataset(
dataset_name="markush1/LLM-Jailbreak-Classifier",
metadata={},
prompts=bad_prompts,
tokens=count_words_in_list(bad_prompts),
approx_cost=0.0,
)
@cache_to_disk()
def load_dataset_v7():
splits = {
"mini_JailBreakV_28K": "JailBreakV_28K/mini_JailBreakV_28K.csv",
"JailBreakV_28K": "JailBreakV_28K/JailBreakV_28K.csv",
}
df = pd.read_csv(
"hf://datasets/JailbreakV-28K/JailBreakV-28k/" + splits["JailBreakV_28K"]
)
bad_prompts = df["jailbreak_query"].tolist()
print(df.shape)
return ProbeDataset(
dataset_name="JailbreakV-28K/JailBreakV-28k",
metadata={},
prompts=bad_prompts,
tokens=count_words_in_list(bad_prompts),
approx_cost=0.0,
)
@cache_to_disk()
def load_dataset_v8():
df = pd.read_csv(
"hf://datasets/ShawnMenz/jailbreak_sft_rm_ds/jailbreak_sft_rm_ds.csv",
names=["jailbreak", "prompt"],
)
filtered = df[df["jailbreak"] == "jailbreak"]["prompt"].tolist()
return ProbeDataset(
dataset_name="JailbreakV-28K/JailBreakV-28k",
metadata={},
prompts=filtered,
tokens=count_words_in_list(filtered),
approx_cost=0.0,
)
@cache_to_disk()
def load_dataset_v5():
ds = []
for c in [
"AdvBench",
"ForbiddenQuestion",
"MJP",
"MaliciousInstruct",
"QuestionList",
]:
dataset = load_dataset("Lemhf14/EasyJailbreak_Datasets", c)
bad_prompts = dataset["train"]["query"]
ds.extend(bad_prompts)
return ProbeDataset(
dataset_name="Lemhf14/EasyJailbreak_Datasets",
metadata={},
prompts=ds,
tokens=count_words_in_list(ds),
approx_cost=0.0,
)
@cache_to_disk()
def load_generic_csv(url, name, column="prompt", predicator=None):
r = httpx.get(url)
content = r.content
df = pd.read_csv(io.StringIO(content.decode("utf-8")))
logger.info(f"Loaded {len(df)} prompts from {url}")
filtered_prompts = df[df.apply(predicator, axis=1)][column].tolist()
def create_probe_dataset(
name: str, prompts: list[str], metadata: dict = None
) -> ProbeDataset:
"""Create a ProbeDataset from prompts."""
metadata = metadata or {}
return ProbeDataset(
dataset_name=name,
metadata={},
prompts=filtered_prompts,
tokens=count_words_in_list(filtered_prompts),
metadata=metadata,
prompts=prompts,
tokens=sum(len(str(s).split()) for s in prompts),
approx_cost=0.0,
)
def prepare_prompts(dataset_names, budget, tools_inbox=None, options=[]):
# ## Datasets used and cleaned:
# markush1/LLM-Jailbreak-Classifier
# 1. Open-Orca/OpenOrca
# 2. ShawnMenz/DAN_jailbreak
# 3. EddyLuo/JailBreakV_28K
# 4. https://raw.githubusercontent.com/verazuo/jailbreak_llms/main/data/jailbreak_prompts.csv
dataset_map = {
"ShawnMenz/DAN_jailbreak": load_dataset_v1,
"deepset/prompt-injections": load_dataset_v2,
"notrichardren/refuse-to-answer-prompts": load_dataset_v4,
"rubend18/ChatGPT-Jailbreak-Prompts": load_dataset_v3,
"Lemhf14/EasyJailbreak_Datasets": load_dataset_v5,
"markush1/LLM-Jailbreak-Classifier": load_dataset_v6,
"JailbreakV-28K/JailBreakV-28k": load_dataset_v7,
"ShawnMenz/jailbreak_sft_rm_ds": load_dataset_v8,
"verazuo/jailbreak_llms/2023_05_07": lambda: load_generic_csv(
url="https://raw.githubusercontent.com/verazuo/jailbreak_llms/main/data/prompts/jailbreak_prompts_2023_05_07.csv",
name="verazuo/jailbreak_llms/2023_05_07",
column="prompt",
predicator=lambda x: bool(x["jailbreak"]),
),
"verazuo/jailbreak_llms/2023_12_25.csv": lambda: load_generic_csv(
url="https://raw.githubusercontent.com/verazuo/jailbreak_llms/main/data/prompts/jailbreak_prompts_2023_12_25.csv.csv",
name="verazuo/jailbreak_llms/2023_12_25.csv",
column="prompt",
predicator=lambda x: bool(x["jailbreak"]),
),
"Custom CSV": load_local_csv,
}
dataset_map.update(dataset_map_generics)
group = []
for dataset_name in dataset_names:
if dataset_name in dataset_map:
logger.info(f"Loading {dataset_name}")
try:
group.append(dataset_map[dataset_name]())
except Exception as e:
logger.error(f"Error loading {dataset_name}: {e}")
dynamic_datasets = {
"AgenticBackend": lambda opts: dataset_from_iterator(
"AgenticBackend",
fine_tuned.Module(group, tools_inbox=tools_inbox, opts=opts).apply(),
lazy=True,
),
"Steganography": lambda opts: Stenography(group),
"llm-adaptive-attacks": lambda opts: dataset_from_iterator(
"llm-adaptive-attacks",
adaptive_attacks.Module(group, tools_inbox=tools_inbox, opts=opts).apply(),
),
"Garak": lambda opts: dataset_from_iterator(
"Garak",
garak_tool.Module(group, tools_inbox=tools_inbox, opts=opts).apply(),
lazy=True,
),
"Reinforcement Learning Optimization": lambda opts: dataset_from_iterator(
"Reinforcement Learning Optimization",
rl_model.Module(group, tools_inbox=tools_inbox, opts=opts).apply(),
lazy=True,
),
"InspectAI": lambda opts: dataset_from_iterator(
"InspectAI",
inspect_ai_tool.Module(group, tools_inbox=tools_inbox).apply(),
lazy=True,
),
"GPT fuzzer": lambda opts: [],
}
dynamic_groups = []
options = options or [{} for _ in dataset_names]
for dataset_name, opts in zip(dataset_names, options):
if dataset_name in dynamic_datasets:
logger.info(f"Loading {dataset_name}")
ds = dynamic_datasets[dataset_name](opts)
for g in ds:
dynamic_groups.append(g)
return group + dynamic_groups
# Generalized dataset loader
@cache_to_disk()
def load_dataset_generic(
name: str,
mappings: ColumnMappings | None = None,
filter_fn: FilterFn | None = None,
url: str | None = None,
metadata: dict | None = None,
) -> ProbeDataset:
"""Load and process a dataset with flexible configuration."""
df = load_df_from_source(url or name, is_url=bool(url))
transformed_df = transform_df(df, mappings, filter_fn)
prompt_col = mappings.get("prompt", "prompt") if mappings else "prompt"
prompts = transformed_df[prompt_col].tolist()
return create_probe_dataset(name, prompts, metadata)
class Stenography:
fn_library = {
# Dataset-specific configurations
DATASET_CONFIGS = {
"ShawnMenz/DAN_jailbreak": {
"mappings": {"prompt": "prompt"},
"filter_fn": lambda row: row["jailbreak"],
},
"deepset/prompt-injections": {
"mappings": {"prompt": "text"},
"filter_fn": lambda row: row["label"],
},
"notrichardren/refuse-to-answer-prompts": {
"mappings": {"prompt": "claim"},
"filter_fn": lambda row: row["label"],
},
"rubend18/ChatGPT-Jailbreak-Prompts": {
"mappings": {"prompt": "Prompt"},
"filter_fn": lambda row: row["label"],
},
"markush1/LLM-Jailbreak-Classifier": {
"mappings": {"prompt": "prompt"},
"filter_fn": lambda row: row["classification"] == "jailbreak",
},
"ShawnMenz/jailbreak_sft_rm_ds": {
"url": "hf://datasets/ShawnMenz/jailbreak_sft_rm_ds/jailbreak_sft_rm_ds.csv",
"mappings": {"prompt": "prompt"},
"filter_fn": lambda row: row["jailbreak"] == "jailbreak",
},
"verazuo/jailbreak_llms/2023_05_07": {
"url": "https://raw.githubusercontent.com/verazuo/jailbreak_llms/main/data/prompts/jailbreak_prompts_2023_05_07.csv",
"mappings": {"prompt": "prompt"},
"filter_fn": lambda row: bool(row["jailbreak"]),
},
"verazuo/jailbreak_llms/2023_12_25": {
"url": "https://raw.githubusercontent.com/verazuo/jailbreak_llms/main/data/prompts/jailbreak_prompts_2023_12_25.csv",
"mappings": {"prompt": "prompt"},
"filter_fn": lambda row: bool(row["jailbreak"]),
},
}
# Additional generic dataset configurations
DATASET_CONFIGS_GENERICS = {
"simonycl/aya-23-8B_advbench_jailbreak": {"mappings": {"prompt": "prompt"}},
"acmc/jailbreaks_dataset_with_perplexity_bigcode_starcoder2-3b_bigcode_starcoder2-7b": {},
"karanxa/dolphin-jailbreak-finetuning-dataset": {"mappings": {"prompt": "text"}},
"karanxa/llama-2-jailbreak-dataset": {"mappings": {"prompt": "text"}},
"karanxa/llama2-uncensored-jailbreak-dataset-finetuning": {
"mappings": {"prompt": "text"}
},
"liuyanchen1015/Llama-3.2-1B_jailbreak_responses": {
"mappings": {"prompt": "jailbreak_prompt_text"}
},
"liuyanchen1015/Llama-3.2-1B-Instruct_jailbreak_responses": {
"mappings": {"prompt": "jailbreak_prompt_text"}
},
"liuyanchen1015/Llama-3.2-1B-Instruct_jailbreak_responses_with_judgment": {
"mappings": {"prompt": "jailbreak_prompt_text"}
},
"jackhhao/jailbreak-classification": {"mappings": {"prompt": "prompt"}},
"walledai/JailbreakBench": {"mappings": {"prompt": "prompt"}},
"walledai/JailbreakHub": {"mappings": {"prompt": "prompt"}},
"Granther/evil-jailbreak": {"mappings": {"prompt": "text"}},
"sevdeawesome/jailbreak_success": {"mappings": {"prompt": "jailbreak_prompt_text"}},
"IDA-SERICS/Disaster-tweet-jailbreaking": {"mappings": {"prompt": "prompt_attack"}},
"GeorgeDaDude/Jailbreak_Complete_DS_labeled": {"mappings": {"prompt": "question"}},
"dayone3nder/jailbreak_prompt_JBB_sft_trainset": {"mappings": {"prompt": "prompt"}},
"dayone3nder/general_safe_mix_jailbreak_prompt_JBB_trainset": {
"mappings": {"prompt": "prompt"}
},
}
# Dataset factory
def create_dataset_loader(name: str, config: dict) -> DatasetLoader:
"""Create a dataset loader from configuration."""
return partial(
load_dataset_generic,
name=name,
mappings=config.get("mappings"),
filter_fn=config.get("filter_fn"),
url=config.get("url"),
)
# Specialized loaders
@cache_to_disk()
def load_multi_dataset(name: str, sub_datasets: list[str]) -> ProbeDataset:
"""Load and combine multiple sub-datasets."""
prompts = []
for sub in sub_datasets:
dataset = load_dataset(name, sub)
prompts.extend(dataset["train"]["query"])
return create_probe_dataset(f"{name}_combined", prompts)
@cache_to_disk()
def load_jailbreak_v28k() -> ProbeDataset:
"""Load JailBreakV-28K dataset."""
df = pd.read_csv("hf://datasets/JailbreakV-28K/JailBreakV-28k/JailBreakV_28K.csv")
prompts = df["jailbreak_query"].tolist()
return create_probe_dataset("JailbreakV-28K/JailBreakV-28k", prompts)
@cache_to_disk()
def load_local_csv() -> ProbeDataset:
"""Load prompts from local CSV files."""
csv_files = [f for f in os.listdir(".") if f.endswith(".csv")]
logger.info(f"Found {len(csv_files)} CSV files: {csv_files}")
prompts = []
for file in csv_files:
try:
df = pd.read_csv(file)
if "prompt" in df.columns:
prompts.extend(df["prompt"].tolist())
else:
logger.warning(f"File {file} lacks 'prompt' column")
except Exception as e:
logger.error(f"Error reading {file}: {e}")
return create_probe_dataset("Local CSV", prompts, {"src": str(csv_files)})
# Stenography transformer
class StenographyTransformer:
"""Apply stenography transformations to datasets."""
TRANSFORMATIONS = {
"rot5": stenography_fn.rot5,
"rot13": stenography_fn.rot13,
"base64": stenography_fn.base64_encode,
@@ -306,71 +226,32 @@ class Stenography:
"zigzag_obfuscation": stenography_fn.zigzag_obfuscation,
}
def __init__(self, prompt_groups: [ProbeDataset]):
self.prompt_groups = prompt_groups
def __init__(self, datasets: list[ProbeDataset]):
self.datasets = datasets
def __iter__(self):
return self.apply()
def transform(self) -> Iterator[ProbeDataset]:
"""Generate transformed datasets."""
for dataset in self.datasets:
size = len(dataset.prompts)
sample_size = int(size * 0.25)
def apply(self):
for prompt_group in self.prompt_groups:
size = len(prompt_group.prompts)
for name, fn in self.fn_library.items():
logger.info(f"Applying {name} to {prompt_group.dataset_name}")
selected_prompts = random.sample(prompt_group.prompts, int(size * 0.25))
prompts = [
f"Follow the instructions in {name}: {fn(p)}"
for p in selected_prompts
for name, fn in self.TRANSFORMATIONS.items():
logger.info(f"Applying {name} to {dataset.dataset_name}")
sampled = random.sample(dataset.prompts, sample_size)
transformed = [
f"Follow the instructions in {name}: {fn(p)}" for p in sampled
]
yield ProbeDataset(
dataset_name=f"stenography.{name}({prompt_group.dataset_name})",
metadata={},
prompts=prompts,
tokens=count_words_in_list(prompts),
approx_cost=0.0,
yield create_probe_dataset(
f"stenography.{name}({dataset.dataset_name})", transformed
)
@lru_cache
def load_local_csv() -> ProbeDataset:
csv_files = [f for f in os.listdir(".") if f.endswith(".csv")]
logger.info(f"Found {len(csv_files)} CSV files")
logger.info(f"CSV files: {csv_files}")
prompt_list = []
for file in csv_files:
try:
df = pd.read_csv(file)
except Exception as e:
logger.error(f"Error reading {file}: {e}")
continue
# Check if 'prompt' column exists
if "prompt" in df.columns:
prompt_list.extend(df["prompt"].tolist())
else:
logger.warning(f"File {file} does not contain a 'prompt' column")
return ProbeDataset(
dataset_name="Local CSV",
metadata={"src": str(csv_files)},
prompts=prompt_list,
tokens=count_words_in_list(prompt_list),
approx_cost=0.0,
)
def dataset_from_iterator(name: str, iterator, lazy=False) -> list:
"""Convert an iterator into a list of prompts and create a ProbeDataset
object.
Args:
name (str): The name of the dataset.
iterator (iterator): An iterator that generates prompts.
Returns:
list: A list containing a single ProbeDataset object.
"""
def dataset_from_iterator(
name: str, iterator, lazy: bool = False
) -> list[ProbeDataset]:
"""Convert an iterator into a list of ProbeDataset objects."""
prompts = list(iterator) if not lazy else iterator
tokens = count_words_in_list(prompts) if not lazy else 0
tokens = sum(len(str(s).split()) for s in prompts) if not lazy else 0
dataset = ProbeDataset(
dataset_name=name,
metadata={},
@@ -382,75 +263,85 @@ def dataset_from_iterator(name: str, iterator, lazy=False) -> list:
return [dataset]
# TODO: refactor this abstraction
# Main dataset preparation
def prepare_prompts(
dataset_names: list[str],
budget: float,
tools_inbox=None,
options: list[dict] = None,
) -> list[ProbeDataset]:
"""Prepare datasets based on names and options."""
# Base dataset loaders
dataset_loaders = {
**{k: create_dataset_loader(k, v) for k, v in DATASET_CONFIGS.items()},
**{k: create_dataset_loader(k, v) for k, v in DATASET_CONFIGS_GENERICS.items()},
"Lemhf14/EasyJailbreak_Datasets": partial(
load_multi_dataset,
name="Lemhf14/EasyJailbreak_Datasets",
sub_datasets=[
"AdvBench",
"ForbiddenQuestion",
"MJP",
"MaliciousInstruct",
"QuestionList",
],
),
"JailbreakV-28K/JailBreakV-28k": load_jailbreak_v28k,
"Local CSV": load_local_csv,
}
dataset_map_generics = {
"simonycl/aya-23-8B_advbench_jailbreak": lambda: load_dataset_general(
dataset_name="simonycl/aya-23-8B_advbench_jailbreak",
column_mappings={"prompt": "prompt"},
),
"acmc/jailbreaks_dataset_with_perplexity_bigcode_starcoder2-3b_bigcode_starcoder2-7b": lambda: load_dataset_general(
dataset_name="acmc/jailbreaks_dataset_with_perplexity_bigcode_starcoder2-3b_bigcode_starcoder2-7b"
),
"karanxa/dolphin-jailbreak-finetuning-dataset": lambda: load_dataset_general(
dataset_name="karanxa/dolphin-jailbreak-finetuning-dataset",
column_mappings={"prompt": "text"},
),
"karanxa/llama-2-jailbreak-dataset": lambda: load_dataset_general(
dataset_name="karanxa/llama-2-jailbreak-dataset",
column_mappings={"prompt": "text"},
),
"karanxa/llama2-uncensored-jailbreak-dataset-finetuning": lambda: load_dataset_general(
dataset_name="karanxa/llama2-uncensored-jailbreak-dataset-finetuning",
column_mappings={"prompt": "text"},
),
"liuyanchen1015/Llama-3.2-1B_jailbreak_responses": lambda: load_dataset_general(
dataset_name="liuyanchen1015/Llama-3.2-1B_jailbreak_responses",
column_mappings={"prompt": "jailbreak_prompt_text"},
),
"liuyanchen1015/Llama-3.2-1B-Instruct_jailbreak_responses": lambda: load_dataset_general(
dataset_name="liuyanchen1015/Llama-3.2-1B-Instruct_jailbreak_responses",
column_mappings={"prompt": "jailbreak_prompt_text"},
),
"liuyanchen1015/Llama-3.2-1B-Instruct_jailbreak_responses_with_judgment": lambda: load_dataset_general(
dataset_name="liuyanchen1015/Llama-3.2-1B-Instruct_jailbreak_responses_with_judgment",
column_mappings={"prompt": "jailbreak_prompt_text"},
),
"jackhhao/jailbreak-classification": lambda: load_dataset_general(
dataset_name="jackhhao/jailbreak-classification",
column_mappings={"prompt": "prompt"},
),
"markush1/LLM-Jailbreak-Classifier": lambda: load_dataset_general(
dataset_name="markush1/LLM-Jailbreak-Classifier",
column_mappings={"prompt": "prompt"},
),
"walledai/JailbreakBench": lambda: load_dataset_general(
dataset_name="walledai/JailbreakBench", column_mappings={"prompt": "prompt"}
),
"walledai/JailbreakHub": lambda: load_dataset_general(
dataset_name="walledai/JailbreakHub", column_mappings={"prompt": "prompt"}
),
"Granther/evil-jailbreak": lambda: load_dataset_general(
dataset_name="Granther/evil-jailbreak", column_mappings={"prompt": "text"}
),
"sevdeawesome/jailbreak_success": lambda: load_dataset_general(
dataset_name="sevdeawesome/jailbreak_success",
column_mappings={"prompt": "jailbreak_prompt_text"},
),
"IDA-SERICS/Disaster-tweet-jailbreaking": lambda: load_dataset_general(
dataset_name="IDA-SERICS/Disaster-tweet-jailbreaking",
column_mappings={"prompt": "prompt_attack"},
),
"GeorgeDaDude/Jailbreak_Complete_DS_labeled": lambda: load_dataset_general(
dataset_name="GeorgeDaDude/Jailbreak_Complete_DS_labeled",
column_mappings={"prompt": "question"},
),
"dayone3nder/jailbreak_prompt_JBB_sft_trainset": lambda: load_dataset_general(
dataset_name="dayone3nder/jailbreak_prompt_JBB_sft_trainset",
column_mappings={"prompt": "prompt"},
),
"dayone3nder/general_safe_mix_jailbreak_prompt_JBB_trainset": lambda: load_dataset_general(
dataset_name="dayone3nder/general_safe_mix_jailbreak_prompt_JBB_trainset",
column_mappings={"prompt": "prompt"},
),
}
# Dynamic dataset loaders
dynamic_loaders = {
"AgenticBackend": lambda opts: dataset_from_iterator(
"AgenticBackend",
fine_tuned.Module([], tools_inbox=tools_inbox, opts=opts).apply(),
lazy=True,
),
"Steganography": lambda opts: list(StenographyTransformer([]).transform()),
"llm-adaptive-attacks": lambda opts: dataset_from_iterator(
"llm-adaptive-attacks",
adaptive_attacks.Module([], tools_inbox=tools_inbox, opts=opts).apply(),
),
"Garak": lambda opts: dataset_from_iterator(
"Garak",
garak_tool.Module([], tools_inbox=tools_inbox, opts=opts).apply(),
lazy=True,
),
"Reinforcement Learning Optimization": lambda opts: dataset_from_iterator(
"Reinforcement Learning Optimization",
rl_model.Module([], tools_inbox=tools_inbox, opts=opts).apply(),
lazy=True,
),
"InspectAI": lambda opts: dataset_from_iterator(
"InspectAI",
inspect_ai_tool.Module([], tools_inbox=tools_inbox).apply(),
lazy=True,
),
"GPT fuzzer": lambda opts: [],
}
options = options or [{} for _ in dataset_names]
datasets = []
# Load base datasets
for name, opts in zip(dataset_names, options):
if name in dataset_loaders:
logger.info(f"Loading base dataset {name}")
try:
datasets.append(dataset_loaders[name]())
except Exception as e:
logger.error(f"Error loading {name}: {e}")
# Load dynamic datasets and apply transformations
for name, opts in zip(dataset_names, options):
if name in dynamic_loaders:
logger.info(f"Loading dynamic dataset {name}")
try:
dynamic_result = dynamic_loaders[name](opts)
datasets.extend(dynamic_result)
except Exception as e:
logger.error(f"Error loading dynamic {name}: {e}")
elif name == "Steganography":
datasets.extend(list(StenographyTransformer(datasets).transform()))
return datasets
agentic_security/probe_data/modules/adaptive_attacks.py
+2 -1
View File
@@ -3,7 +3,8 @@ import io
import httpx
import pandas as pd
from loguru import logger
from agentic_security.logutils import logger
url = "https://raw.githubusercontent.com/tml-epfl/llm-adaptive-attacks/main/harmful_behaviors/harmful_behaviors_pair.csv"
agentic_security/probe_data/modules/fine_tuned.py
+3 -2
View File
@@ -3,7 +3,8 @@ import os
import uuid as U
import httpx
from loguru import logger
from agentic_security.logutils import logger
AUTH_TOKEN: str = os.getenv("AS_TOKEN", "gh0-5f4a8ed2-37c6-4bd7-a0cf-7070eae8115b")
@@ -65,7 +66,7 @@ class Module:
return {}
async def fetch_prompts(self) -> list[str]:
api_url = "https://edge.metaheuristic.co/infer"
api_url = "https://mcp.metaheuristic.co/infer"
headers = {
"Authorization": f"Bearer {AUTH_TOKEN}",
"Content-Type": "application/json",
agentic_security/probe_data/modules/garak_tool.py
+1 -1
View File
@@ -4,7 +4,7 @@ import json
import os
import subprocess
from loguru import logger
from agentic_security.logutils import logger
# TODO: add probes modules
agentic_security/probe_data/modules/inspect_ai_tool.py
+1 -1
View File
@@ -2,7 +2,7 @@ import asyncio
import importlib.util
import os
from loguru import logger
from agentic_security.logutils import logger
inspect_ai_task = (
__file__.replace("inspect_ai_tool.py", "inspect_ai_task.py")
agentic_security/probe_data/modules/rl_model.py
+3 -2
View File
@@ -8,7 +8,8 @@ from typing import Deque
import numpy as np
import requests
from loguru import logger
from agentic_security.logutils import logger
AUTH_TOKEN: str = os.getenv("AS_TOKEN", "gh0-5f4a8ed2-37c6-4bd7-a0cf-7070eae8115b")
@@ -215,7 +216,7 @@ class Module:
self.run_id = U.uuid4().hex
self.batch_size = self.opts.get("batch_size", 500)
self.rl_model = CloudRLPromptSelector(
prompt_groups, "https://edge.metaheuristic.co", run_id=self.run_id
prompt_groups, "https://mcp.metaheuristic.co", run_id=self.run_id
)
async def apply(self):
agentic_security/probe_data/modules/test_rl_model.py
+2 -2
View File
@@ -36,7 +36,7 @@ def mock_requests() -> Mock:
def mock_rl_selector() -> Mock:
return CloudRLPromptSelector(
dataset_prompts,
api_url="https://edge.metaheuristic.co",
api_url="https://mcp.metaheuristic.co",
)
@@ -94,7 +94,7 @@ class TestCloudRLPromptSelector:
def test_select_next_prompt_success_service(self, dataset_prompts):
selector = CloudRLPromptSelector(
dataset_prompts,
api_url="https://edge.metaheuristic.co",
api_url="https://mcp.metaheuristic.co",
)
next_prompt = selector.select_next_prompt(
"How does RL work?", passed_guard=True
agentic_security/report_chart.py
+81 -11
View File
@@ -7,9 +7,65 @@ import pandas as pd
from matplotlib.cm import ScalarMappable
from matplotlib.colors import LinearSegmentedColormap, Normalize
from agentic_security.logutils import logger
def plot_security_report(table):
from .primitives import Table
def plot_security_report(table: Table) -> io.BytesIO:
"""
Generates a polar plot representing the security report based on the given data.
Args:
table (Table): The input data table containing security metrics.
Returns:
io.BytesIO: A buffer containing the generated plot image in PNG format.
Returns an empty buffer in case of an error.
"""
try:
return _plot_security_report(table=table)
except (TypeError, ValueError, OverflowError, IndexError, Exception) as e:
logger.error(f"Error in generating the security report: {e}")
return io.BytesIO()
def generate_identifiers(data: pd.DataFrame) -> list[str]:
"""
Generates unique identifiers for the given dataset.
Args:
data (pd.DataFrame): A pandas DataFrame containing security-related data.
Returns:
list[str]: A list of generated identifiers. Returns a list with an empty string in case of an error.
"""
try:
_generate_identifiers(data=data)
except (TypeError, ValueError, Exception) as e:
logger.error(f"Error in generate_identifiers: {e}")
return [""]
def _plot_security_report(table: Table) -> io.BytesIO:
"""
Generates a polar plot-based security report visualizing the failure rates for different modules.
This function processes the input data, sorts it by failure rate, and generates a polar plot
where each bar represents the failure rate for a specific module. The plot includes identifiers,
color-coding based on token count, failure rate values on the bars, and a table listing the modules
and their corresponding failure rates.
Args:
table (Table): A table-like structure (e.g., pandas DataFrame) containing security report data
with columns for failure rate, tokens, and modules.
Returns:
io.BytesIO: A buffer containing the generated plot image in PNG format.
"""
# Data preprocessing
logger.info("Data preprocessing started.")
data = pd.DataFrame(table)
# Sort by failure rate and reset index
@@ -20,10 +76,10 @@ def plot_security_report(table):
fig, ax = plt.subplots(figsize=(12, 10), subplot_kw={"projection": "polar"})
fig.set_facecolor("#f0f0f0")
ax.set_facecolor("#f0f0f0")
logger.info("Plot setup complete.")
# Styling parameters
colors = ["#6C5B7B", "#C06C84", "#F67280", "#F8B195"][::-1] # Pastel palette
# colors = ["#440154", "#3b528b", "#21908c", "#5dc863"] # Viridis-inspired palette
cmap = LinearSegmentedColormap.from_list("custom", colors, N=256)
norm = Normalize(vmin=data["tokens"].min(), vmax=data["tokens"].max())
@@ -74,7 +130,10 @@ def plot_security_report(table):
# Title and caption
fig.suptitle(
"Security Report for Different Modules", fontsize=16, fontweight="bold", y=1.02
"Security Report for Different Modules",
fontsize=16,
fontweight="bold",
y=1.02,
)
caption = "Report generated by https://github.com/msoedov/agentic_security"
fig.text(
@@ -112,17 +171,12 @@ def plot_security_report(table):
data["identifier"], data["failureRate"], data["module"]
)
]
table = ax.table(
cellText=table_data,
loc="right",
cellLoc="left",
)
table = ax.table(cellText=table_data, loc="right", cellLoc="left")
table.auto_set_font_size(False)
table.set_fontsize(8)
# Adjust table style
table.scale(1, 0.7)
for (row, col), cell in table.get_celld().items():
cell.set_edgecolor("none")
cell.set_facecolor("#f0f0f0" if row % 2 == 0 else "#e0e0e0")
@@ -132,17 +186,33 @@ def plot_security_report(table):
cell.set_text_props(fontweight="bold")
# Adjust layout and save
plt.tight_layout()
buf = io.BytesIO()
plt.savefig(buf, format="png", dpi=300, bbox_inches="tight")
plt.close(fig)
buf.seek(0)
logger.info("Report successfully generated and saved to buffer.")
return buf
def generate_identifiers(data):
def _generate_identifiers(data: pd.DataFrame) -> list[str]:
"""
Generates a list of unique identifiers for each row in the given DataFrame.
The identifiers are based on the English alphabet, with each identifier consisting
of a letter followed by a number. The letter represents the "group" of identifiers
(using a letter from A to Z) and the number is a counter within that group. For example:
- A1, A2, ..., A26, B1, B2, ..., Z1, Z2, ...
Args:
data (pd.DataFrame): The input DataFrame containing data for which identifiers
are to be generated.
Returns:
list[str]: A list of unique identifiers as strings, one for each row in the DataFrame.
"""
data_length = len(data)
alphabet = string.ascii_uppercase
num_letters = len(alphabet)
agentic_security/routes/probe.py
+9 -1
View File
@@ -3,7 +3,7 @@ import random
from fastapi import APIRouter, File, Header, HTTPException, UploadFile
from fastapi.responses import JSONResponse
from ..models.schemas import FileProbeResponse, Probe
from ..primitives import FileProbeResponse, Probe
from ..probe_actor.refusal import REFUSAL_MARKS
from ..probe_data import REGISTRY
@@ -77,3 +77,11 @@ async def data_config():
async def health_check():
"""Health check endpoint."""
return JSONResponse(content={"status": "ok"})
@router.post("/v1/self-probe-t5")
def self_probe_t5(probe: Probe):
import languagemodels as lm # noqa
message = lm.do(probe.prompt)
return make_mock_response(message)
agentic_security/routes/proxy.py
+3 -2
View File
@@ -2,10 +2,11 @@ import random
from asyncio import Event
from fastapi import APIRouter
from loguru import logger
from agentic_security.logutils import logger
from ..core.app import get_current_run, get_tools_inbox
from ..models.schemas import CompletionRequest, Settings
from ..primitives import CompletionRequest, Settings
from ..probe_actor.refusal import REFUSAL_MARKS
router = APIRouter()
agentic_security/routes/report.py
+1 -1
View File
@@ -3,7 +3,7 @@ from pathlib import Path
from fastapi import APIRouter, Response
from fastapi.responses import FileResponse, StreamingResponse
from ..models.schemas import Table
from ..primitives import Table
from ..report_chart import plot_security_report
router = APIRouter()
agentic_security/routes/scan.py
+35 -9
View File
@@ -1,20 +1,40 @@
from collections.abc import Generator
from datetime import datetime
from typing import Any
from fastapi import APIRouter, BackgroundTasks, File, HTTPException, Query, UploadFile
from fastapi import (
APIRouter,
BackgroundTasks,
Depends,
File,
HTTPException,
Query,
UploadFile,
)
from fastapi.responses import StreamingResponse
from agentic_security.logutils import logger
from ..core.app import get_stop_event, get_tools_inbox, set_current_run
from ..dependencies import InMemorySecrets, get_in_memory_secrets
from ..http_spec import LLMSpec
from ..models.schemas import LLMInfo, Scan
from ..primitives import LLMInfo, Scan
from ..probe_actor import fuzzer
router = APIRouter()
@router.post("/verify")
async def verify(info: LLMInfo):
async def verify(
info: LLMInfo, secrets: InMemorySecrets = Depends(get_in_memory_secrets)
) -> dict[str, int | str | float]:
spec = LLMSpec.from_string(info.spec)
r = await spec.verify()
try:
r = await spec.verify()
except Exception as e:
logger.exception(e)
raise HTTPException(status_code=400, detail=str(e))
if r.status_code >= 400:
raise HTTPException(status_code=r.status_code, detail=r.text)
return dict(
@@ -25,7 +45,7 @@ async def verify(info: LLMInfo):
)
def streaming_response_generator(scan_parameters: Scan):
def streaming_response_generator(scan_parameters: Scan) -> Generator[str, Any, None]:
request_factory = LLMSpec.from_string(scan_parameters.llmSpec)
set_current_run(request_factory)
@@ -42,14 +62,19 @@ def streaming_response_generator(scan_parameters: Scan):
@router.post("/scan")
async def scan(scan_parameters: Scan, background_tasks: BackgroundTasks):
async def scan(
scan_parameters: Scan,
background_tasks: BackgroundTasks,
secrets: InMemorySecrets = Depends(get_in_memory_secrets),
) -> StreamingResponse:
scan_parameters.with_secrets(secrets)
return StreamingResponse(
streaming_response_generator(scan_parameters), media_type="application/json"
)
@router.post("/stop")
async def stop_scan():
async def stop_scan() -> dict[str, str]:
get_stop_event().set()
return {"status": "Scan stopped"}
@@ -62,7 +87,8 @@ async def scan_csv(
optimize: bool = Query(False),
maxBudget: int = Query(10_000),
enableMultiStepAttack: bool = Query(False),
):
secrets: InMemorySecrets = Depends(get_in_memory_secrets),
) -> StreamingResponse:
# TODO: content dataset to fuzzer
content = await file.read() # noqa
llm_spec = await llmSpec.read()
@@ -73,7 +99,7 @@ async def scan_csv(
maxBudget=1000,
enableMultiStepAttack=enableMultiStepAttack,
)
scan_parameters.with_secrets(secrets)
return StreamingResponse(
streaming_response_generator(scan_parameters), media_type="application/json"
)
agentic_security/routes/static.py
+96 -1
View File
@@ -1,15 +1,17 @@
from pathlib import Path
import requests
from fastapi import APIRouter, HTTPException, Request
from fastapi.responses import FileResponse, HTMLResponse
from fastapi.templating import Jinja2Templates
from jinja2 import Environment, FileSystemLoader
from starlette.responses import Response
from ..models.schemas import Settings
from ..primitives import Settings
router = APIRouter()
STATIC_DIR = Path(__file__).parent.parent / "static"
ICONS_DIR = STATIC_DIR / "icons"
# Configure templates with custom delimiters to avoid conflicts
templates = Jinja2Templates(directory=str(STATIC_DIR))
@@ -28,6 +30,8 @@ CONTENT_TYPES = {
".ico": "image/x-icon",
".html": "text/html",
".css": "text/css",
".svg": "image/svg+xml",
".png": "image/png",
}
@@ -88,3 +92,94 @@ async def telemetry_js() -> FileResponse:
async def favicon() -> FileResponse:
"""Serve the favicon."""
return get_static_file(STATIC_DIR / "favicon.ico")
@router.get("/icons/{icon_name}")
async def serve_icon(icon_name: str) -> FileResponse:
"""Serve an icon from the icons directory."""
icon_path = ICONS_DIR / icon_name
if not icon_path.exists():
# Fetch the icon from the external URL and cache it
url = f"https://registry.npmmirror.com/@lobehub/icons-static-png/latest/files/dark/{icon_name}"
response = requests.get(url)
if response.status_code == 200:
icon_path.write_bytes(response.content)
else:
raise HTTPException(status_code=404, detail="Icon not found")
return get_static_file(icon_path, content_type="image/png")
# New endpoints for proxying external resources
@router.get("/cdn/tailwindcss.js")
async def proxy_tailwindcss() -> FileResponse:
"""Proxy the Tailwind CSS script."""
return proxy_external_resource(
"https://cdn.tailwindcss.com",
STATIC_DIR / "tailwindcss.js",
"application/javascript",
)
@router.get("/cdn/vue.js")
async def proxy_vue() -> FileResponse:
"""Proxy the Vue.js script."""
return proxy_external_resource(
"https://unpkg.com/vue@2.6.12/dist/vue.js",
STATIC_DIR / "vue.js",
"application/javascript",
)
@router.get("/cdn/lucide.js")
async def proxy_lucide() -> FileResponse:
"""Proxy the Lucide.js script."""
return proxy_external_resource(
"https://unpkg.com/lucide@latest/dist/umd/lucide.js",
STATIC_DIR / "lucide.js",
"application/javascript",
)
@router.get("/cdn/technopollas.css")
async def proxy_technopollas() -> FileResponse:
"""Proxy the Technopollas font stylesheet."""
return proxy_external_resource(
"https://fonts.cdnfonts.com/css/technopollas",
STATIC_DIR / "technopollas.css",
"text/css",
)
@router.get("/cdn/inter.css")
async def proxy_inter() -> FileResponse:
"""Proxy the Inter font stylesheet."""
return proxy_external_resource(
"https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap",
STATIC_DIR / "inter.css",
"text/css",
)
def proxy_external_resource(
url: str, local_path: Path, content_type: str
) -> FileResponse:
"""
Fetch and cache an external resource, then serve it locally.
Args:
url: The URL of the external resource
local_path: The local path to cache the resource
content_type: The content type of the resource
Returns:
FileResponse with the cached resource
"""
if not local_path.exists():
response = requests.get(url)
if response.status_code == 200:
local_path.write_bytes(response.content)
else:
raise HTTPException(status_code=404, detail="Resource not found")
return get_static_file(local_path, content_type=content_type)
agentic_security/routes/telemetry.py
+29
View File
@@ -0,0 +1,29 @@
import sentry_sdk
from sentry_sdk.integrations.logging import ignore_logger
from agentic_security.logutils import logger
from ..primitives import Settings
def setup(app):
if Settings.DISABLE_TELEMETRY:
return
sentry_sdk.init(
dsn="https://b5c59f7e5ab86d73518222ddb40807c9@o4508851738247168.ingest.de.sentry.io/4508851740541008",
# Add data like request headers and IP for users,
# see https://docs.sentry.io/platforms/python/data-management/data-collected/ for more info
send_default_pii=True,
# Set traces_sample_rate to 1.0 to capture 100%
# of transactions for tracing.
traces_sample_rate=1.0,
ignore_errors=[KeyboardInterrupt],
_experiments={
# Set continuous_profiling_auto_start to True
# to automatically start the profiler on when
# possible.
"continuous_profiling_auto_start": True,
},
)
ignore_logger("logging.error")
ignore_logger(logger.error)
agentic_security/static/base.js
+40 -25
View File
@@ -1,13 +1,12 @@
let URL = window.location.href;
if (URL.endsWith('/')) {
URL = URL.slice(0, -1);
let SELF_URL = window.location.href;
if (SELF_URL.endsWith('/')) {
SELF_URL = SELF_URL.slice(0, -1);
}
URL = URL.replace('/#', '');
SELF_URL = SELF_URL.replace('/#', '');
// Vue application
let LLM_SPECS = [
`POST ${URL}/v1/self-probe
`POST ${SELF_URL}/v1/self-probe
Authorization: Bearer XXXXX
Content-Type: application/json
@@ -79,7 +78,7 @@ Content-Type: application/json
]
}
`,
`POST ${URL}/v1/self-probe-image
`POST ${SELF_URL}/v1/self-probe-image
Authorization: Bearer XXXXX
Content-Type: application/json
@@ -101,8 +100,8 @@ Content-Type: application/json
}
]
`,
`POST ${URL}/v1/self-probe-file
Authorization: Bearer $GROQ_API_KEY
`POST ${SELF_URL}/v1/self-probe-file
Authorization: Bearer $API_KEY
Content-Type: multipart/form-data
{
@@ -171,29 +170,44 @@ Content-Type: application/json
{
"audio_url": "<<AUDIO_FILE_URL>>"
}
`,
`POST https://api.openrouter.ai/v1/chat/completions
Authorization: Bearer $OPENROUTER_API_KEY
Content-Type: application/json
{
"model": "openrouter-latest",
"prompt": "<<PROMPT>>",
"temperature": 0.7,
"max_tokens": 150,
"top_p": 0.9,
"frequency_penalty": 0,
"presence_penalty": 0
}
`,
]
let fallbackIcon = '/icons/myshell.png';
let LLM_CONFIGS = [
{ name: 'Custom API', prompts: 40000, customInstructions: 'Requires api spec' },
{ name: 'Open AI', prompts: 24000 },
{ name: 'Deepseek v1', prompts: 24000 },
{ name: 'Replicate', prompts: 40000 },
{ name: 'Groq', prompts: 40000 },
{ name: 'Together.ai', prompts: 40000 },
{ name: 'Custom API Image', prompts: 40000, customInstructions: 'Requires api spec', modality: 'Image' },
{ name: 'Custom API Files', prompts: 40000, customInstructions: 'Requires api spec', modality: 'Files' },
{ name: 'Gemini', prompts: 40000 },
{ name: 'Claude', prompts: 40000 },
{ name: 'Cohere', prompts: 40000 },
{ name: 'Azure OpenAI', prompts: 40000 },
{ name: 'assemblyai', prompts: 40000 },
]
{ name: 'Custom API', prompts: 40000, customInstructions: 'Requires api spec', logo: fallbackIcon },
{ name: 'Open AI', prompts: 24000, logo: '/icons/openai.png' },
{ name: 'Deepseek v1', prompts: 24000, logo: '/icons/deepseek.png' },
{ name: 'Replicate', prompts: 40000, logo: '/icons/replicate.png' },
{ name: 'Groq', prompts: 40000, logo: '/icons/groq.png' },
{ name: 'Together.ai', prompts: 40000, logo: '/icons/together.png' },
{ name: 'Custom API Image', prompts: 40000, customInstructions: 'Requires api spec', modality: 'Image', logo: fallbackIcon },
{ name: 'Custom API Files', prompts: 40000, customInstructions: 'Requires api spec', modality: 'Files', logo: fallbackIcon },
{ name: 'Gemini', prompts: 40000, logo: '/icons/gemini.png' },
{ name: 'Claude', prompts: 40000, logo: '/icons/claude.png' },
{ name: 'Cohere', prompts: 40000, logo: '/icons/cohere.png' },
{ name: 'Azure OpenAI', prompts: 40000, logo: '/icons/azureai.png' },
{ name: 'assemblyai', prompts: 40000, logo: fallbackIcon },
{ name: 'OpenRouter.ai', prompts: 40000, logo: '/icons/openrouter.png' },
];
function has_image(spec) {
return spec.includes('<<BASE64_IMAGE>>');
}
@@ -228,5 +242,6 @@ function _getFailureRateScore(failureRate) {
else if (strengthRate >= 80) return 'B';
else if (strengthRate >= 70) return 'C';
else if (strengthRate >= 60) return 'D';
else if (strengthRate >= 1) return '?';
else return 'E'; // For strengthRate less than 60
}
agentic_security/static/icons/azureai.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 22 KiB

agentic_security/static/icons/claude.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 41 KiB

agentic_security/static/icons/cohere.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 24 KiB

agentic_security/static/icons/deepseek.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 30 KiB

agentic_security/static/icons/gemini.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

agentic_security/static/icons/groq.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 22 KiB

agentic_security/static/icons/myshell.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 23 KiB

agentic_security/static/icons/openai.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 44 KiB

agentic_security/static/icons/openrouter.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 21 KiB

agentic_security/static/icons/replicate.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 14 KiB

agentic_security/static/icons/together.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

agentic_security/static/index.html
+82 -23
View File
@@ -33,8 +33,64 @@
</header>
[[% include "partials/concent.html" %]]
<div class="flex space-x-4 overflow-x-auto scrollbar-hide">
<div
v-for="(config, index) in configs"
:key="index"
@click="selectConfig(index)"
class="flex-none w-1/2 sm:w-1/3 md:w-1/4 lg:w-1/5 border-2 rounded-lg p-4 flex flex-col items-start transition-all hover:shadow-md cursor-pointer"
:class="{
'border-dark-accent-green': selectedConfig === index,
'border-gray-600': selectedConfig !== index
}">
<div class="flex items-center font-medium mb-2">
<img
v-if="config.logo"
:src="config.logo"
class="w-6 h-6 ml-2 rounded-full"
alt="logo" />
<span class="ml-2">{{ config.name }}</span>
</div>
<div class="text-sm text-gray-400">
{{ config.customInstructions || 'Requires API key' }}
</div>
<div class="mt-2 text-dark-accent-green font-semibold">
{{ config.modality || 'API' }}
</div>
</div>
</div>
</section>
</main>
<div class="fixed top-6 right-6 z-50 space-y-3">
<transition-group name="toast">
<div
v-for="toast in toasts"
:key="toast.id"
class="flex items-center p-3 rounded-xl shadow-xl text-white max-w-md animate-toast-in border border-opacity-30"
:class="{
'bg-success-toast border-accent-green': toast.type === 'success',
'bg-error-toast border-accent-red': toast.type === 'error',
'bg-info-toast border-accent-orange': toast.type === 'info'
}"
>
<span class="flex-1 font-medium tracking-wide text-sm">{{ toast.message }}</span>
<button
@click="removeToast(toast.id)"
class="ml-3 focus:outline-none hover:opacity-80 transition-opacity"
>
<svg class="w-4 h-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12" />
</svg>
</button>
</div>
</transition-group>
</div>
<main class="max-w-6xl mx-auto space-y-8">
<section class="bg-dark-card rounded-lg p-6 shadow-lg">
<section class="bg-dark-card rounded-lg p-6 shadow-lg" v-show="false">
<h2 class="text-2xl font-bold mb-4">Select a Config</h2>
<div class="flex space-x-4 overflow-x-auto scrollbar-hide">
@@ -64,7 +120,7 @@
<h2 class="text-2xl font-bold">LLM API Spec</h2>
<span :class="statusDotClass"
class="w-3 h-3 rounded-full mr-2"></span>
class="w-3 h-3 rounded-full mr-2"></span>
<svg :class="{'rotate-180': showLLMSpec}"
class="w-6 h-6 transition-transform duration-200"
xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24" fill="none"
@@ -74,7 +130,7 @@
</svg>
</div>
<div v-show="showLLMSpec" class="mt-4">
<div class="mt-4">
<label v-if="isFocused" for="llm-spec"
class="block text-sm font-medium mb-2">
LLM API Spec, PROMPT variable will be replaced with the testing
@@ -109,6 +165,8 @@
<strong class="font-bold">></strong>
<span class="block sm:inline">{{okMsg}}</span>
</div>
<span v-if="latency" class="text-sm text-gray-400 ml-2">Latency: {{latency}}s</span>
<!-- Action Buttons -->
<section class="flex justify-center space-x-4 mt-10">
@@ -351,27 +409,26 @@
class="text-gray-400 hover:underline">Deselect All</button>
</div>
<div class="grid grid-cols-1 sm:grid-cols-2 md:grid-cols-3 gap-4">
<div
v-for="(package, index) in dataConfig"
:key="index"
@click="addPackage(index)"
class="border rounded-lg p-3 cursor-pointer transition-all hover:shadow-md overflow-hidden"
:class="{
'border-dark-accent-green bg-dark-accent-green bg-opacity-20': package.selected,
'border-gray-600': !package.selected
}">
<div class="font-medium mb-1 truncate">{{ package.dataset_name
}}</div>
<div class="text-sm text-gray-400 truncate">
{{ package.source || 'Local dataset' }}
</div>
<div class="mt-2 text-sm font-semibold">
{{ package.dynamic ? 'Dynamic dataset' :
`${package.num_prompts.toLocaleString()} prompts` }}
</div>
</div>
<div class="grid grid-cols-1 sm:grid-cols-2 md:grid-cols-3 gap-4">
<div
v-for="(package, index) in dataConfig"
:key="index"
@click="package.is_active !== false && addPackage(index)"
class="border rounded-lg p-3 cursor-pointer transition-all hover:shadow-md overflow-hidden"
:class="{
'border-dark-accent-green bg-dark-accent-green bg-opacity-20': package.selected,
'border-gray-600': !package.selected,
'opacity-30 pointer-events-none cursor-not-allowed': package.is_active === false
}">
<div class="font-medium mb-1 truncate">{{ package.dataset_name }}</div>
<div class="text-sm text-gray-400 truncate">
{{ package.source || 'Local dataset' }}
</div>
<div class="mt-2 text-sm font-semibold">
{{ package.dynamic ? 'Dynamic dataset' : `${package.num_prompts.toLocaleString()} prompts` }}
</div>
</div>
</div>
</div>
</section>
@@ -388,6 +445,8 @@
<strong class="font-bold">></strong>
<span class="block sm:inline">{{okMsg}}</span>
</div>
<span v-if="latency" class="text-sm text-gray-400 ml-2">Latency: {{latency}}s</span>
<!-- Action Buttons -->
<section class="flex justify-center space-x-4">
agentic_security/static/inter.css
+21
View File
@@ -0,0 +1,21 @@
@font-face {
font-family: 'Inter';
font-style: normal;
font-weight: 400;
font-display: swap;
src: url(https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfMZg.ttf) format('truetype');
}
@font-face {
font-family: 'Inter';
font-style: normal;
font-weight: 600;
font-display: swap;
src: url(https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuGKYMZg.ttf) format('truetype');
}
@font-face {
font-family: 'Inter';
font-style: normal;
font-weight: 700;
font-display: swap;
src: url(https://fonts.gstatic.com/s/inter/v18/UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuFuYMZg.ttf) format('truetype');
}
agentic_security/static/lucide.js
+16688
View File
File diff suppressed because it is too large Load Diff
agentic_security/static/main.js
+38 -8
View File
@@ -4,6 +4,7 @@ var app = new Vue({
progressWidth: '0%',
modelSpec: LLM_SPECS[0],
budget: 50,
latency: 0,
isFocused: false, // Tracks if the textarea is focused
showParams: false,
showResetConfirmation: false,
@@ -24,6 +25,8 @@ var app = new Vue({
showModules: false,
showLogs: false,
showConsentModal: true,
toasts: [], // Array to store toast notifications
toastTimeout: 3000, // Duration in milliseconds (3 seconds)
statusDotClass: 'bg-gray-500', // Default status dot class
statusText: 'Verified', // Default status text
statusClass: 'bg-green-500 text-dark-bg', // Default status class
@@ -92,6 +95,19 @@ var app = new Vue({
},
methods: {
showToast(message, type = 'success') {
const id = Date.now(); // Unique ID for each toast
this.toasts.push({ id, message, type });
// Automatically remove toast after timeout
setTimeout(() => {
this.removeToast(id);
}, this.toastTimeout);
},
removeToast(id) {
this.toasts = this.toasts.filter(toast => toast.id !== id);
},
focusTextarea() {
this.isFocused = true;
self = this.$refs;
@@ -121,6 +137,7 @@ var app = new Vue({
const state = {
modelSpec: this.modelSpec,
budget: this.budget,
selectedConfig: this.selectedConfig,
dataConfig: this.dataConfig,
optimize: this.optimize,
enableChartDiagram: this.enableChartDiagram,
@@ -139,6 +156,7 @@ var app = new Vue({
this.optimize = state.optimize;
this.enableChartDiagram = state.enableChartDiagram;
this.enableMultiStepAttack = state.enableMultiStepAttack;
this.selectedConfig = state.selectedConfig;
}
},
resetState() {
@@ -190,7 +208,8 @@ var app = new Vue({
let payload = {
spec: this.modelSpec,
};
const response = await fetch(`${URL}/verify`, {
let startTime = performance.now(); // Capture start time
const response = await fetch(`${SELF_URL}/verify`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
@@ -198,14 +217,20 @@ var app = new Vue({
body: JSON.stringify(payload),
});
console.log(response);
let txt = await response.text();
let r = await response.json();
let endTime = performance.now(); // Capture end time
let latency = endTime - startTime; // Calculate latency in milliseconds
latency = latency.toFixed(3) / 1000; // Round to 2 decimal places
this.latency = latency;
if (!response.ok) {
this.updateStatusDot(false);
this.errorMsg = 'Integration verification failed:' + txt;
this.errorMsg = 'Integration verification failed:' + JSON.stringify(r);
this.showToast('Integration verification failed', 'error');
} else {
this.errorMsg = '';
this.updateStatusDot(true);
this.okMsg = 'Integration verified';
this.showToast('Integration verified successfully', 'success');
this.integrationVerified = true;
// console.log('Integration verified', this.integrationVerified);
// this.$forceUpdate();
@@ -214,7 +239,7 @@ var app = new Vue({
this.saveStateToLocalStorage();
},
loadConfigs: async function () {
const response = await fetch(`${URL}/v1/data-config`, {
const response = await fetch(`${SELF_URL}/v1/data-config`, {
method: 'GET',
headers: {
'Content-Type': 'application/json',
@@ -286,6 +311,7 @@ var app = new Vue({
this.okMsg = `${event.module}`;
return
}
this.latency = event.latency.toFixed(3);
console.log('New event');
// { "module": "Module 49", "tokens": 480, "cost": 4.800000000000001, "progress": 9.8 }
let progress = event.progress;
@@ -321,14 +347,14 @@ var app = new Vue({
let payload = {
table: this.mainTable,
};
const response = await fetch(`${URL}/plot.jpeg`, {
const response = await fetch(`${SELF_URL}/plot.jpeg`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify(payload),
});
// Convert image response to a data URL for the <img> src
// Convert image response to a data SELF_URL for the <img> src
const blob = await response.blob();
const reader = new FileReader();
reader.readAsDataURL(blob);
@@ -341,6 +367,10 @@ var app = new Vue({
// If all are selected, deselect all. Otherwise, select all.
this.dataConfig.forEach(package => {
if (!package.is_active) {
package.selected = false;
return
}
package.selected = !allSelected;
});
@@ -371,7 +401,7 @@ var app = new Vue({
},
stopScan: async function () {
this.scanRunning = false;
const response = await fetch(`${URL}/stop`, {
const response = await fetch(`${SELF_URL}/stop`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
@@ -387,7 +417,7 @@ var app = new Vue({
optimize: this.optimize,
enableMultiStepAttack: this.enableMultiStepAttack,
};
const response = await fetch(`${URL}/scan`, {
const response = await fetch(`${SELF_URL}/scan`, {
method: 'POST',
headers: {
'Content-Type': 'application/json',
agentic_security/static/partials/footer.html
+1 -1
View File
@@ -6,7 +6,7 @@
<div>
<h3
class="text-lg font-semibold text-dark-accent-green mb-4">Home</h3>
<p class="text-gray-400">Dedicated to LLM Security, 2024</p>
<p class="text-gray-400">Dedicated to LLM Security, 2025</p>
</div>
<!-- Column 2 -->
agentic_security/static/partials/head.html
+106 -6
View File
@@ -2,12 +2,12 @@
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>LLM Vulnerability Scanner</title>
<script src="https://cdn.tailwindcss.com"></script>
<script src="https://unpkg.com/vue@2.6.12/dist/vue.js"></script>
<script src="https://unpkg.com/lucide@latest/dist/umd/lucide.js"></script>
<link href="https://fonts.cdnfonts.com/css/technopollas" rel="stylesheet">
<script src="/cdn/tailwindcss.js"></script>
<script src="/cdn/vue.js"></script>
<script src="/cdn/lucide.js"></script>
<link href="/cdn/technopollas.css" rel="stylesheet">
<style>
@import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap');
@import url('/cdn/inter.css');
</style>
<script>
tailwind.config = {
@@ -19,7 +19,18 @@
technopollas: ['Technopollas', 'sans-serif'],
},
colors: {
dark: {
dark: {
bg: '#0D0D0D', // Jet Black
card: '#1A1A1A', // Dark Carbon Fiber
text: '#FFFFFF',
accent: {
green: '#E0A3B6', // Frozen Berry
red: '#1C3F74', // Neptune Blue
orange: '#A5A5A5', // Dolomite Silver
yellow: '#2E4053', // Jet Black
},
},
dark1: {
bg: '#121212',
card: '#1E1E1E',
text: '#FFFFFF',
@@ -28,7 +39,44 @@
red: '#F44336',
orange: '#FF9800',
yellow: '#FFEB3B',
// bg: '#0D0D0D', // Jet Black
// card: '#1A1A1A', // Dark Carbon Fiber
// text: '#FFFFFF',
// accent: {
// green: '#E0A3B6', // Frozen Berry
// red: '#1C3F74', // Neptune Blue
// orange: '#A5A5A5', // Dolomite Silver
// yellow: '#2E4053', // Jet Black
berry: '#E0A3B6', // Frozen Berry
blue: '#1C3F74', // Neptune Blue
silver: '#A5A5A5', // Dolomite Silver
black: '#DAF7A6', // Jet Black
},
variant1: {
primary: '#E0A3B6', // Frozen Berry
secondary: '#1C3F74', // Neptune Blue
highlight: '#A5A5A5', // Dolomite Silver
dark: '#000000' // Jet Black
},
variant2: {
primary: '#FF5733', // Lava Red
secondary: '#2E4053', // Midnight Blue
highlight: '#C0C0C0', // Platinum Silver
dark: '#121212' // Deep Black
},
variant3: {
primary: '#3D9970', // Racing Green
secondary: '#85144B', // Burgundy Red
highlight: '#AAAAAA', // Light Silver
dark: '#111111' // Matte Black
},
variant4: {
primary: '#FFC300', // Golden Yellow
secondary: '#DAF7A6', // Soft Mint
highlight: '#888888', // Titanium Gray
dark: '#222222' // Charcoal Black
},
},
},
borderRadius: {
@@ -38,6 +86,7 @@
}
}
</script>
<style>
.scrollbar-hide::-webkit-scrollbar {
display: none;
@@ -48,4 +97,55 @@
}
</style>
<style>
/* Toast-specific colors */
.bg-success-toast {
background: #1C3F74
}
.bg-error-toast {
background: #85144B
}
.bg-info-toast {
background: #FFC300
}
.border-accent-green, .border-accent-red, .border-accent-orange {
border-color: rgba(255, 255, 255, 0.1); /* Subtle white border for depth */
}
/* Animation */
.animate-toast-in {
animation: tSlideIn 0.4s cubic-bezier(0.25, 0.1, 0.25, 1);
}
@keyframes tSlideIn {
from {
transform: translateX(120%) scale(0.95);
opacity: 0;
}
to {
transform: translateX(0) scale(1);
opacity: 1;
}
}
.toast-enter-active,
.toast-leave-active {
transition: all 0.4s cubic-bezier(0.25, 0.1, 0.25, 1);
}
.toast-enter-from,
.toast-leave-to {
transform: translateX(120%) scale(0.95);
opacity: 0;
}
/* Hover effect */
[toast-type]:hover {
transform: translateY(-2px);
box-shadow: 0 6px 20px rgba(0, 0, 0, 0.6);
}
</style>
</head>
agentic_security/static/tailwindcss.js
+83
View File
File diff suppressed because one or more lines are too long
agentic_security/static/technopollas.css
+8
View File
@@ -0,0 +1,8 @@
@font-face {
font-family: 'Technopollas';
font-style: normal;
font-weight: 400;
src: local('Technopollas'), url('https://fonts.cdnfonts.com/s/72836/Technopollas.woff') format('woff');
}
agentic_security/static/telemetry.js
+2
View File
@@ -2,3 +2,5 @@
posthog.init('phc_jfYo5xEofW7eJtiU8rLt2Z8jw1E2eW27BxwTJzwRufH', {
api_host: 'https://us.i.posthog.com', person_profiles: 'identified_only' // or 'always' to create profiles for anonymous users as well
})
!function (n, e, r, t, o, i, a, c, s) { for (var u = s, f = 0; f < document.scripts.length; f++)if (document.scripts[f].src.indexOf(i) > -1) { u && "no" === document.scripts[f].getAttribute("data-lazy") && (u = !1); break } var p = []; function l(n) { return "e" in n } function d(n) { return "p" in n } function _(n) { return "f" in n } var v = []; function y(n) { u && (l(n) || d(n) || _(n) && n.f.indexOf("capture") > -1 || _(n) && n.f.indexOf("showReportDialog") > -1) && L(), v.push(n) } function h() { y({ e: [].slice.call(arguments) }) } function g(n) { y({ p: n }) } function E() { try { n.SENTRY_SDK_SOURCE = "loader"; var e = n[o], i = e.init; e.init = function (o) { n.removeEventListener(r, h), n.removeEventListener(t, g); var a = c; for (var s in o) Object.prototype.hasOwnProperty.call(o, s) && (a[s] = o[s]); !function (n, e) { var r = n.integrations || []; if (!Array.isArray(r)) return; var t = r.map((function (n) { return n.name })); n.tracesSampleRate && -1 === t.indexOf("BrowserTracing") && (e.browserTracingIntegration ? r.push(e.browserTracingIntegration({ enableInp: !0 })) : e.BrowserTracing && r.push(new e.BrowserTracing)); (n.replaysSessionSampleRate || n.replaysOnErrorSampleRate) && -1 === t.indexOf("Replay") && (e.replayIntegration ? r.push(e.replayIntegration()) : e.Replay && r.push(new e.Replay)); n.integrations = r }(a, e), i(a) }, setTimeout((function () { return function (e) { try { "function" == typeof n.sentryOnLoad && (n.sentryOnLoad(), n.sentryOnLoad = void 0) } catch (n) { console.error("Error while calling `sentryOnLoad` handler:"), console.error(n) } try { for (var r = 0; r < p.length; r++)"function" == typeof p[r] && p[r](); p.splice(0); for (r = 0; r < v.length; r++) { _(i = v[r]) && "init" === i.f && e.init.apply(e, i.a) } m() || e.init(); var t = n.onerror, o = n.onunhandledrejection; for (r = 0; r < v.length; r++) { var i; if (_(i = v[r])) { if ("init" === i.f) continue; e[i.f].apply(e, i.a) } else l(i) && t ? t.apply(n, i.e) : d(i) && o && o.apply(n, [i.p]) } } catch (n) { console.error(n) } }(e) })) } catch (n) { console.error(n) } } var O = !1; function L() { if (!O) { O = !0; var n = e.scripts[0], r = e.createElement("script"); r.src = a, r.crossOrigin = "anonymous", r.addEventListener("load", E, { once: !0, passive: !0 }), n.parentNode.insertBefore(r, n) } } function m() { var e = n.__SENTRY__, r = void 0 !== e && e.version; return r ? !!e[r] : !(void 0 === e || !e.hub || !e.hub.getClient()) } n[o] = n[o] || {}, n[o].onLoad = function (n) { m() ? n() : p.push(n) }, n[o].forceLoad = function () { setTimeout((function () { L() })) }, ["init", "addBreadcrumb", "captureMessage", "captureException", "captureEvent", "configureScope", "withScope", "showReportDialog"].forEach((function (e) { n[o][e] = function () { y({ f: e, a: arguments }) } })), n.addEventListener(r, h), n.addEventListener(t, g), u || setTimeout((function () { L() })) }(window, document, "error", "unhandledrejection", "Sentry", 'a3abb155d8e2fe980880571166594672', 'https://browser.sentry-cdn.com/8.55.0/bundle.tracing.replay.min.js', { "dsn": "https://a3abb155d8e2fe980880571166594672@o4508851738247168.ingest.de.sentry.io/4508851744342096", "tracesSampleRate": 1, "replaysSessionSampleRate": 0.1, "replaysOnErrorSampleRate": 1 }, false);
agentic_security/static/vue.js
+11965
View File
File diff suppressed because it is too large Load Diff
changelog.sh
Regular → Executable
View File
docs/http_spec.md
+13 -17
View File
@@ -33,7 +33,7 @@ The `LLMSpec` class is the core of the HTTP specification. It provides the follo
### Methods
- **`from_string(http_spec: str) -> LLMSpec`**: Parses an HTTP specification string into an `LLMSpec` object.
- **`validate(prompt: str, encoded_image: str, encoded_audio: str, files: dict) -> None`**: Validates the request parameters based on the specified modality.
- **`validate(prompt: str, encoded_image: str, encoded_audio: str, files: dict) -> null`**: Validates the request parameters based on the specified modality.
- **`probe(prompt: str, encoded_image: str = "", encoded_audio: str = "", files: dict = {}) -> httpx.Response`**: Sends an HTTP request using the specified parameters.
- **`verify() -> httpx.Response`**: Verifies the HTTP specification by sending a test request.
@@ -52,12 +52,11 @@ Authorization: Bearer sk-xxxxxxxxx
Content-Type: application/json
{
"model": "gpt-3.5-turbo",
"messages": [{"role": "user", "content": "<<PROMPT>>"}],
"temperature": 0.7
"model": "gpt-3.5-turbo",
"messages": [{"role": "user", "content": "<<PROMPT>>"}],
"temperature": 0.7
}
"""
spec = LLMSpec.from_string(http_spec)
response = await spec.probe("What is the capital of France?")
```
@@ -71,12 +70,11 @@ Authorization: Bearer sk-xxxxxxxxx
Content-Type: application/json
{
"model": "gpt-4-vision-preview",
"messages": [{"role": "user", "content": "What is in this image? <<BASE64_IMAGE>>"}],
"temperature": 0.7
"model": "gpt-4-vision-preview",
"messages": [{"role": "user", "content": "What is in this image? <<BASE64_IMAGE>>"}],
"temperature": 0.7
}
"""
spec = LLMSpec.from_string(http_spec)
encoded_image = encode_image_base64_by_url("https://example.com/image.jpg")
response = await spec.probe("What is in this image?", encoded_image=encoded_image)
@@ -91,12 +89,11 @@ Authorization: Bearer sk-xxxxxxxxx
Content-Type: application/json
{
"model": "whisper-large-v3",
"messages": [{"role": "user", "content": "Transcribe this audio: <<BASE64_AUDIO>>"}],
"temperature": 0.7
"model": "whisper-large-v3",
"messages": [{"role": "user", "content": "Transcribe this audio: <<BASE64_AUDIO>>"}],
"temperature": 0.7
}
"""
spec = LLMSpec.from_string(http_spec)
encoded_audio = encode_audio_base64_by_url("https://example.com/audio.mp3")
response = await spec.probe("Transcribe this audio:", encoded_audio=encoded_audio)
@@ -111,12 +108,11 @@ Authorization: Bearer sk-xxxxxxxxx
Content-Type: multipart/form-data
{
"model": "gpt-3.5-turbo",
"messages": [{"role": "user", "content": "Process this file: <<FILE>>"}],
"temperature": 0.7
"model": "gpt-3.5-turbo",
"messages": [{"role": "user", "content": "Process this file: <<FILE>>"}],
"temperature": 0.7
}
"""
spec = LLMSpec.from_string(http_spec)
files = {"file": ("document.txt", open("document.txt", "rb"))}
response = await spec.probe("Process this file:", files=files)
docs/images/demo.gif
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.0 MiB

docs/index.md
+1 -1
View File
@@ -21,4 +21,4 @@ Note: Please be aware that Agentic Security is designed as a safety scanner tool
## UI 🧙
<img width="100%" alt="booking-screen" src="https://res.cloudinary.com/dq0w2rtm9/image/upload/v1736433557/z0bsyzhsqlgcr3w4ovwp.gif">
<img width="100%" alt="booking-screen" src="https://res.cloudinary.com/dq0w2rtm9/image/upload/v1741192668/final_aa9jhb.gif">
docs/probe_data.md
+8 -18
View File
@@ -54,20 +54,15 @@ The `probe_data` module is a core component of the Agentic Security project, res
- **Classes:**
- `PromptSelectionInterface`: Abstract base class for prompt selection strategies.
- Methods:
- `select_next_prompt(current_prompt: str, passed_guard: bool) -> str`: Selects next prompt
- `select_next_prompts(current_prompt: str, passed_guard: bool) -> list[str]`: Selects multiple prompts
- `update_rewards(previous_prompt: str, current_prompt: str, reward: float, passed_guard: bool) -> None`: Updates rewards
- `update_rewards(previous_prompt: str, current_prompt: str, reward: float, passed_guard: bool) -> null`: Updates rewards
- `RandomPromptSelector`: Basic random selection with history tracking.
- Parameters:
- `prompts: list[str]`: List of available prompts
- `history_size: int = 3`: Size of history to prevent cycles
- `CloudRLPromptSelector`: Cloud-based RL implementation with fallback.
- Parameters:
- `prompts: list[str]`: List of available prompts
- `api_url: str`: URL of RL service
@@ -75,9 +70,7 @@ The `probe_data` module is a core component of the Agentic Security project, res
- `history_size: int = 300`: Size of history
- `timeout: int = 5`: Request timeout
- `run_id: str = ""`: Unique run identifier
- `QLearningPromptSelector`: Local Q-learning implementation.
- Parameters:
- `prompts: list[str]`: List of available prompts
- `learning_rate: float = 0.1`: Learning rate
@@ -86,13 +79,11 @@ The `probe_data` module is a core component of the Agentic Security project, res
- `exploration_decay: float = 0.995`: Exploration decay rate
- `min_exploration: float = 0.01`: Minimum exploration rate
- `history_size: int = 300`: Size of history
- `Module`: Main class that uses CloudRLPromptSelector.
- Parameters:
- `prompt_groups: list[str]`: Groups of prompts
- `tools_inbox: asyncio.Queue`: Queue for tool communication
- `opts: dict = {}`: Configuration options
- **Module**: Main class that uses CloudRLPromptSelector.
- Parameters:
- `prompt_groups: list[str]`: Groups of prompts
- `tools_inbox: asyncio.Queue`: Queue for tool communication
- `opts: dict = {}`: Configuration options
## Usage Examples
@@ -119,10 +110,9 @@ from agentic_security.probe_data.modules.rl_model import QLearningPromptSelector
prompts = ["What is AI?", "Explain machine learning"]
selector = QLearningPromptSelector(prompts)
current_prompt = "What is AI?"
next_prompt = selector.select_next_prompt(current_prompt, passed_guard=True)
selector.update_rewards(current_prompt, next_prompt, reward=1.0, passed_guard=True)
next_prompt = selector.select_next_prompt(current_prompt, passed_guard=true)
selector.update_rewards(current_prompt, next_prompt, reward=1.0, passed_guard=true)
```
## Conclusion
docs/stylesheets/extra.css
+13 -9
View File
@@ -1,14 +1,16 @@
:root {
--md-primary-fg-color: #e92063;
--md-primary-fg-color--light: #e92063;
--md-primary-fg-color--dark: #e92063;
--md-primary-fg-color: #2E4053;
/* Primary color changed to pinkish */
--md-primary-fg-color--light: #E0A3B6;
--md-primary-fg-color--dark: #1C3F74;
/* Dark variant changed to blue */
}
/* Revert hue value to that of pre mkdocs-material v9.4.0 */
/* Updated slate color scheme with new background */
[data-md-color-scheme="slate"] {
--md-hue: 230;
--md-default-bg-color: hsla(230, 15%, 21%, 1);
--md-default-bg-color: #1A1A1A;
/* Background changed to dark gray */
}
.hide {
@@ -24,12 +26,15 @@ img.index-header {
max-width: 500px;
}
/* Updated custom colors */
.pydantic-pink {
color: #FF007F;
color: #E0A3B6;
/* Updated to match new theme */
}
.team-blue {
color: #0072CE;
color: #1C3F74;
/* Updated to match new theme */
}
.secure-green {
@@ -67,7 +72,6 @@ img.index-header {
text-align: center;
}
/* Hide the entire footer */
.md-footer {
display: none;
mkdocs.yml
+1 -1
View File
@@ -89,7 +89,7 @@ theme:
name: Switch to light mode
icon:
repo: fontawesome/brands/github
favicon: "https://res.cloudinary.com/dq0w2rtm9/image/upload/v1737555066/r17hrkre246doczwmvbv.png"
favicon: https://res.cloudinary.com/dq0w2rtm9/image/upload/v1741195421/favicon_kuz6xr.png
extra:
generator: false
poetry.lock
Generated
+565 -304
View File
File diff suppressed because it is too large Load Diff
pyproject.toml
+9 -1
View File
@@ -1,6 +1,6 @@
[tool.poetry]
name = "agentic_security"
version = "0.4.5"
version = "0.7.0"
description = "Agentic LLM vulnerability scanner"
authors = ["Alexander Miasoiedov <msoedov@gmail.com>"]
maintainers = ["Alexander Miasoiedov <msoedov@gmail.com>"]
@@ -48,7 +48,13 @@ python-multipart = "^0.0.20"
tomli = "^2.2.1"
rich = "13.9.4"
gTTS = "^2.5.4"
sentry_sdk = "^2.22.0"
orjson = "^3.10"
pyfiglet = "^1.0.2"
termcolor = "^2.4.0"
# garak = { version = "*", optional = true }
pytest-xdist = "3.6.1"
[tool.poetry.group.dev.dependencies]
@@ -81,5 +87,7 @@ build-backend = "poetry.core.masonry.api"
[tool.pytest.ini_options]
addopts = "--durations=5 -m 'not slow' -n 3"
asyncio_mode = "auto"
asyncio_default_fixture_loop_scope = "function"
markers = "slow: marks tests as slow"
tests/__init__.py
View File
tests/conftest.py
+8
View File
@@ -0,0 +1,8 @@
import os
import pytest
def pytest_runtest_setup(item):
if "slow" in item.keywords and not os.getenv("RUN_SLOW_TESTS"):
pytest.skip("Skipping slow test")
agentic_security/probe_actor/test_fuzzer.py → tests/probe_actor/test_fuzzer.py
+14 -10
View File
@@ -5,7 +5,7 @@ from unittest.mock import AsyncMock, MagicMock, Mock, patch
import httpx
import pytest
from agentic_security.models.schemas import Scan
from agentic_security.primitives import Scan
from agentic_security.probe_actor.fuzzer import (
generate_prompts,
perform_many_shot_scan,
@@ -209,6 +209,7 @@ class TestProcessPrompt(unittest.IsolatedAsyncioTestCase):
module_name="module_a",
refusals=[],
errors=[],
outputs=[],
)
self.assertEqual(tokens, 3) # Tokens from "Valid response text"
@@ -226,6 +227,7 @@ class TestProcessPrompt(unittest.IsolatedAsyncioTestCase):
)
refusals = []
outputs = []
tokens, refusal = await process_prompt(
request_factory=mock_request_factory,
prompt="test prompt",
@@ -233,6 +235,7 @@ class TestProcessPrompt(unittest.IsolatedAsyncioTestCase):
module_name="module_a",
refusals=refusals,
errors=[],
outputs=outputs,
)
self.assertEqual(tokens, 3) # Tokens from "Response indicating refusal"
@@ -250,15 +253,15 @@ class TestProcessPrompt(unittest.IsolatedAsyncioTestCase):
)
refusals = []
with self.assertRaises(httpx.HTTPStatusError):
await process_prompt(
request_factory=mock_request_factory,
prompt="test prompt",
tokens=0,
module_name="module_a",
refusals=refusals,
errors=[],
)
await process_prompt(
request_factory=mock_request_factory,
prompt="test prompt",
tokens=0,
module_name="module_a",
refusals=refusals,
errors=[],
outputs=[],
)
async def test_request_error(self):
mock_request_factory = Mock()
@@ -274,6 +277,7 @@ class TestProcessPrompt(unittest.IsolatedAsyncioTestCase):
module_name="module_a",
refusals=[],
errors=errors,
outputs=[],
)
self.assertEqual(tokens, 0)
agentic_security/probe_actor/test_refusal.py → tests/probe_actor/test_refusal.py
View File
agentic_security/refusal_classifier/test_model.py → tests/refusal_classifier/test_model.py
+1 -1
View File
@@ -3,7 +3,7 @@ from unittest.mock import patch
import pandas as pd
import pytest
from .model import RefusalClassifier
from agentic_security.refusal_classifier.model import RefusalClassifier
@pytest.fixture
tests/routes/__init__.py
View File
agentic_security/routes/test_csv.py → tests/routes/test_csv.py
View File
agentic_security/routes/test_health.py → tests/routes/test_health.py
+1 -1
View File
@@ -1,6 +1,6 @@
from fastapi.testclient import TestClient
from ..app import app
from agentic_security.app import app
def test_health_check():
agentic_security/routes/test_probe.py → tests/routes/test_probe.py
+4 -4
View File
@@ -5,10 +5,10 @@ import httpx
import pytest
from fastapi.testclient import TestClient
from ..app import app
from ..models.schemas import Probe
from ..probe_actor.refusal import REFUSAL_MARKS
from ..probe_data import REGISTRY
from agentic_security.app import app
from agentic_security.primitives import Probe
from agentic_security.probe_actor.refusal import REFUSAL_MARKS
from agentic_security.probe_data import REGISTRY
client = TestClient(app)
agentic_security/routes/test_report.py → tests/routes/test_report.py
+1 -1
View File
@@ -4,7 +4,7 @@ from unittest.mock import patch
import pytest
from fastapi.testclient import TestClient
from .report import router
from agentic_security.routes.report import router
client = TestClient(router)
agentic_security/routes/test_static.py → tests/routes/test_static.py
+2 -2
View File
@@ -4,8 +4,8 @@ import pytest
from fastapi import HTTPException
from fastapi.testclient import TestClient
from ..models.schemas import Settings
from .static import get_static_file, router
from agentic_security.primitives import Settings
from agentic_security.routes.static import get_static_file, router
client = TestClient(router)
tests/test_dependencies.py
+15
View File
@@ -0,0 +1,15 @@
from agentic_security.dependencies import InMemorySecrets, get_in_memory_secrets
def test_in_memory_secrets():
secrets = InMemorySecrets()
secrets.set_secret("api_key", "12345")
assert secrets.get_secret("api_key") == "12345"
assert secrets.get_secret("non_existent_key") is None
def test_get_in_memory_secrets():
secrets = get_in_memory_secrets()
assert isinstance(secrets, InMemorySecrets)
secrets.set_secret("token", "abcde")
assert secrets.get_secret("token") == "abcde"
agentic_security/test_lib.py → tests/test_lib.py
+19 -18
View File
@@ -8,7 +8,7 @@ import time
import pytest
import agentic_security.test_spec_assets as test_spec_assets
from agentic_security.lib import AgenticSecurity
from agentic_security.lib import SecurityScanner
def has_module(module_name):
@@ -50,25 +50,25 @@ def make_test_registry():
]
class TestAS:
class TestLibraryLevel:
# Handles an empty dataset list.
def test_class(self, test_server):
llmSpec = test_spec_assets.SAMPLE_SPEC
maxBudget = 1000000
max_th = 0.3
datasets = make_test_registry()
result = AgenticSecurity.scan(llmSpec, maxBudget, datasets, max_th)
result = SecurityScanner.scan(llmSpec, maxBudget, datasets, max_th)
assert isinstance(result, dict)
print(result)
assert len(result) in [0, 1]
# TODO: slow test
def _test_class_msj(self, test_server):
@pytest.mark.slow
def test_class_msj(self, test_server):
llmSpec = test_spec_assets.SAMPLE_SPEC
maxBudget = 1000
max_th = 0.3
datasets = make_test_registry()
result = AgenticSecurity.scan(
result = SecurityScanner.scan(
llmSpec, maxBudget, datasets, max_th, enableMultiStepAttack=True
)
assert isinstance(result, dict)
@@ -93,11 +93,12 @@ class TestAS:
"opts": {"port": 9094},
},
]
result = AgenticSecurity.scan(llmSpec, maxBudget, datasets, max_th)
result = SecurityScanner.scan(llmSpec, maxBudget, datasets, max_th)
assert isinstance(result, dict)
print(result)
assert len(result) in [0, 1]
@pytest.mark.slow
def test_backend(self, test_server):
llmSpec = test_spec_assets.SAMPLE_SPEC
maxBudget = 1000000
@@ -119,7 +120,7 @@ class TestAS:
"modality": "text",
},
]
result = AgenticSecurity.scan(llmSpec, maxBudget, datasets, max_th)
result = SecurityScanner.scan(llmSpec, maxBudget, datasets, max_th)
assert isinstance(result, dict)
print(result)
assert len(result) in [0, 1]
@@ -147,7 +148,7 @@ class TestAS:
"modality": "text",
},
]
result = AgenticSecurity.scan(llmSpec, maxBudget, datasets, max_th)
result = SecurityScanner.scan(llmSpec, maxBudget, datasets, max_th)
assert isinstance(result, dict)
print(result)
assert len(result) in [0, 1]
@@ -156,18 +157,18 @@ class TestAS:
class TestEntrypointCI:
def test_generate_default_cfg_to_tmp_path(self):
"""
Test that the `generate_default_cfg` method generates a valid default config file in a temporary path.
Test that the `generate_default_settings` method generates a valid default config file in a temporary path.
"""
# Create a temporary directory
with tempfile.TemporaryDirectory() as tmpdir:
temp_path = os.path.join(tmpdir, "custom_agesec.toml")
# Override default_path to the temporary path
AgenticSecurity.default_path = temp_path
SecurityScanner.default_path = temp_path
# Generate the default configuration
security = AgenticSecurity()
security.generate_default_cfg()
security = SecurityScanner()
security.generate_default_settings()
# Check that the config file was created at the temporary path
assert os.path.exists(temp_path), f"{temp_path} file should be generated."
@@ -188,17 +189,17 @@ class TestEntrypointCI:
temp_path = os.path.join(tmpdir, "custom_agesec.toml")
# Override default_path to the temporary path
AgenticSecurity.default_path = temp_path
SecurityScanner.default_path = temp_path
# Generate the default configuration
security = AgenticSecurity()
security.generate_default_cfg()
security = SecurityScanner()
security.generate_default_settings()
# Load the generated configuration
AgenticSecurity.load_config(temp_path)
SecurityScanner.load_config(temp_path)
# Validate loaded configuration
config = AgenticSecurity.config
config = SecurityScanner.config
assert (
config["general"]["maxBudget"] == 1000000
), "maxBudget should be 1000000"
tests/test_registry.py
+26
View File
@@ -0,0 +1,26 @@
import pytest
from datasets import load_dataset
from agentic_security.probe_data import REGISTRY
@pytest.mark.slow
@pytest.mark.parametrize("dataset", REGISTRY)
def test_registry_accessibility(dataset):
source = dataset.get("source", "")
if "hugging" not in source.lower():
return pytest.skip("skipped dataset")
if not dataset.get("is_active"):
return pytest.skip("skipped dataset")
dataset_name = dataset.get("dataset_name")
if not dataset_name:
pytest.fail(f"No dataset_name found in {dataset}")
# Load only metadata (no data download)
try:
ds = load_dataset(dataset_name, split=None)
# Check if metadata is accessible without loading full data
assert ds is not None, f"Failed to load metadata for {dataset_name}"
except Exception as e:
pytest.fail(f"Error loading metadata for {dataset_name}: {str(e)}")
agentic_security/test_spec.py → tests/test_spec.py
View File
ui/.env.example
+1
View File
@@ -0,0 +1 @@
VUE_APP_SERVER_URL=''#replace this with url at which agentic_security server is running
ui/.eslintrc.js
+25
View File
@@ -0,0 +1,25 @@
module.exports = {
env: {
browser: true,
es2021: true,
node :true
},
extends: [
'eslint:recommended',
'plugin:vue/essential',
],
parserOptions: {
ecmaVersion: 12,
sourceType: 'module',
},
plugins: [
'vue',
],
rules: {
'no-unused-vars': 'off', // Disable the rule
'no-constant-condition': 'off',
'no-global-assign': 'off',
// or
// 'no-unused-vars': 'warn', // Change the rule to a warning
},
};
ui/.gitignore
+23
View File
@@ -0,0 +1,23 @@
.DS_Store
node_modules
/dist
# local env files
.env.local
.env.*.local
# Log files
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
# Editor directories and files
.idea
.vscode
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?
ui/babel.config.js
+5
View File
@@ -0,0 +1,5 @@
module.exports = {
presets: [
'@vue/cli-plugin-babel/preset'
]
}
ui/jsconfig.json
+19
View File
@@ -0,0 +1,19 @@
{
"compilerOptions": {
"target": "es5",
"module": "esnext",
"baseUrl": "./",
"moduleResolution": "node",
"paths": {
"@/*": [
"src/*"
]
},
"lib": [
"esnext",
"dom",
"dom.iterable",
"scripthost"
]
}
}
ui/package-lock.json
Generated
+12242
View File
File diff suppressed because it is too large Load Diff
ui/package.json
+45
View File
@@ -0,0 +1,45 @@
{
"name": "agentic-vulnerability-scanner-llm-ui",
"version": "0.1.0",
"private": true,
"scripts": {
"serve": "vue-cli-service serve ",
"dev": "vue-cli-service serve ",
"build": "vue-cli-service build",
"lint": "vue-cli-service lint"
},
"dependencies": {
"core-js": "^3.8.3",
"lucide": "^0.474.0",
"vue": "^3.2.13"
},
"devDependencies": {
"@babel/core": "^7.12.16",
"@babel/eslint-parser": "^7.12.16",
"@vue/cli-plugin-babel": "~5.0.0",
"@vue/cli-plugin-eslint": "~5.0.0",
"@vue/cli-service": "~5.0.0",
"eslint": "^7.32.0",
"eslint-plugin-vue": "^8.0.3"
},
"eslintConfig": {
"root": true,
"env": {
"node": true
},
"extends": [
"plugin:vue/vue3-essential",
"eslint:recommended"
],
"parserOptions": {
"parser": "@babel/eslint-parser"
},
"rules": {}
},
"browserslist": [
"> 1%",
"last 2 versions",
"not dead",
"not ie 11"
]
}
ui/public/base.js
+232
View File
@@ -0,0 +1,232 @@
let URL = window.location.href;
if (URL.endsWith('/')) {
URL = URL.slice(0, -1);
}
URL = process.env.VUE_APP_SERVER_URL
// Vue application
let LLM_SPECS = [
`POST ${URL}/v1/self-probe
Authorization: Bearer XXXXX
Content-Type: application/json
{
"prompt": "<<PROMPT>>"
}
`,
`POST https://api.openai.com/v1/chat/completions
Authorization: Bearer $OPENAI_API_KEY
Content-Type: application/json
{
"model": "gpt-3.5-turbo",
"messages": [{"role": "user", "content": "<<PROMPT>>"}],
"temperature": 0.7
}
`,
`
POST https://api.deepseek.com/chat/completions
Authorization: Bearer $DEEPSEEK_API_KEY
Content-Type: application/json
{
"model": "deepseek-chat",
"messages": [
{"role": "system", "content": "You are a helpful assistant."},
{"role": "user", "content": "<<PROMPT>>"}
],
"stream": false
}
`,
`POST https://api.replicate.com/v1/models/mistralai/mixtral-8x7b-instruct-v0.1/predictions
Authorization: Bearer $APIKEY
Content-Type: application/json
{
"input": {
"top_k": 50,
"top_p": 0.9,
"prompt": "Write a bedtime story about neural networks I can read to my toddler",
"temperature": 0.6,
"max_new_tokens": 1024,
"prompt_template": "<s>[INST] <<PROMPT>> [/INST] ",
"presence_penalty": 0,
"frequency_penalty": 0
}
}
`,
`POST https://api.groq.com/v1/request_manager/text_completion
Authorization: Bearer XXXXX
Content-Type: application/json
{
"model_id": "codellama-34b",
"system_prompt": "You are helpful and concise coding assistant",
"user_prompt": "<<PROMPT>>"
}
`,
`POST https://api.together.xyz/v1/chat/completions
Authorization: Bearer $TOGETHER_API_KEY
Content-Type: application/json
{
"model": "mistralai/Mixtral-8x7B-Instruct-v0.1",
"messages": [
{"role": "system", "content": "You are an expert travel guide"},
{"role": "user", "content": "<<PROMPT>>"}
]
}
`,
`POST ${URL}/v1/self-probe-image
Authorization: Bearer XXXXX
Content-Type: application/json
[
{
"role": "user",
"content": [
{
"type": "text",
"text": "What is in this image?",
},
{
"type": "image_url",
"image_url": {
"url": f"data:image/jpeg;base64,{<<BASE64_IMAGE>>}"
},
},
],
}
]
`,
`POST ${URL}/v1/self-probe-file
Authorization: Bearer $GROQ_API_KEY
Content-Type: multipart/form-data
{
"file": "@./sample_audio.m4a",
"model": "whisper-large-v3"
}
`,
`POST https://api.gemini.com/v1/generate
Authorization: Bearer $GEMINI_API_KEY
Content-Type: application/json
{
"model": "gemini-latest",
"prompt": "<<PROMPT>>",
"temperature": 0.8,
"max_tokens": 150,
"top_p": 1.0,
"frequency_penalty": 0,
"presence_penalty": 0
}
`,
`POST https://api.anthropic.com/v1/complete
Authorization: Bearer $ANTHROPIC_API_KEY
Content-Type: application/json
{
"model": "claude-v1.3",
"prompt": "<<PROMPT>>",
"temperature": 0.7,
"max_tokens_to_sample": 256,
"stop_sequences": ["\n\nHuman:"]
}
`,
`POST https://api.cohere.ai/generate
Authorization: Bearer $COHERE_API_KEY
Content-Type: application/json
{
"model": "command-xlarge-nightly",
"prompt": "<<PROMPT>>",
"max_tokens": 300,
"temperature": 0.75,
"k": 0,
"p": 0.75
}
`,
`POST https://<<RESOURCE_NAME>>.openai.azure.com/openai/deployments/<<DEPLOYMENT_NAME>>/completions?api-version=2023-06-01-preview
Authorization: Bearer $AZURE_API_KEY
Content-Type: application/json
{
"prompt": "<<PROMPT>>",
"max_tokens": 150,
"temperature": 0.7,
"top_p": 0.9,
"frequency_penalty": 0,
"presence_penalty": 0
}
`,
`POST https://api.assemblyai.com/v2/transcript
Authorization: Bearer $ASSEMBLY_API_KEY
Content-Type: application/json
{
"audio_url": "<<AUDIO_FILE_URL>>"
}
`,
]
let LLM_CONFIGS = [
{ name: 'Custom API', prompts: 40000, customInstructions: 'Requires api spec' },
{ name: 'Open AI', prompts: 24000 },
{ name: 'Deepseek v1', prompts: 24000 },
{ name: 'Replicate', prompts: 40000 },
{ name: 'Groq', prompts: 40000 },
{ name: 'Together.ai', prompts: 40000 },
{ name: 'Custom API Image', prompts: 40000, customInstructions: 'Requires api spec', modality: 'Image' },
{ name: 'Custom API Files', prompts: 40000, customInstructions: 'Requires api spec', modality: 'Files' },
{ name: 'Gemini', prompts: 40000 },
{ name: 'Claude', prompts: 40000 },
{ name: 'Cohere', prompts: 40000 },
{ name: 'Azure OpenAI', prompts: 40000 },
{ name: 'assemblyai', prompts: 40000 },
]
function has_image(spec) {
return spec.includes('<<BASE64_IMAGE>>');
}
function has_files(spec) {
return spec.includes('multipart/form-data');
}
function _getFailureRateColor(failureRate) {
// We're now working with the strength percentage, so no need to invert
const strengthRate = 100 - failureRate;
if (strengthRate >= 95) return 'text-green-400';
else if (strengthRate >= 85) return 'text-green-400';
else if (strengthRate >= 75) return 'text-green-500';
else if (strengthRate >= 65) return 'text-yellow-400';
else if (strengthRate >= 55) return 'text-yellow-500';
else if (strengthRate >= 45) return 'text-orange-400';
else if (strengthRate >= 35) return 'text-orange-500';
else if (strengthRate >= 25) return 'text-dark-accent-red';
else if (strengthRate >= 15) return 'text-red-400';
else if (strengthRate > 0) return 'text-red-500';
else return 'text-gray-100'; // This can be the default for strengthRate of 0 or less
}
function _getFailureRateScore(failureRate) {
// Convert failureRate to a strength percentage
const strengthRate = 100 - failureRate;
if (strengthRate >= 90) return 'A';
else if (strengthRate >= 80) return 'B';
else if (strengthRate >= 70) return 'C';
else if (strengthRate >= 60) return 'D';
else return 'E'; // For strengthRate less than 60
}
export { LLM_SPECS, LLM_CONFIGS, has_image, has_files, _getFailureRateColor, _getFailureRateScore ,URL };
ui/public/favicon.ico
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 140 B

ui/public/index.html
+22
View File
@@ -0,0 +1,22 @@
<!DOCTYPE html>
<html lang="en" class="dark">
<header>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>LLM Vulnerability Scanner</title>
<script src="https://unpkg.com/lucide@latest/dist/umd/lucide.js"></script>
<link href="https://fonts.cdnfonts.com/css/technopollas" rel="stylesheet">
<link href="styles/output.css" rel="stylesheet">
</header>
<body class="bg-dark-bg text-dark-text font-sans">
<noscript>
<strong>We're sorry but <%= htmlWebpackPlugin.options.title %> doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
</noscript>
<div id="vue-app" class="min-h-screen p-8"></div>
</body>
</html>
ui/public/styles/output.css
+1439
View File
File diff suppressed because it is too large Load Diff
ui/public/styles/styles.css
+11
View File
@@ -0,0 +1,11 @@
@tailwind base;
@tailwind components;
@tailwind utilities;
@import url('https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap');
.scrollbar-hide::-webkit-scrollbar {
display: none;
}
.scrollbar-hide {
-ms-overflow-style: none; /* IE and Edge */
scrollbar-width: none; /* Firefox */
}

Some files were not shown because too many files have changed in this diff Show More