- Implement URL scheme validation for LLM endpoint connections.
- Mitigate Server-Side Request Forgery (SSRF) by ensuring only 'http' and 'https' schemes are allowed.
- Sanitize report output paths to prevent directory traversal attacks.
- Ensure test reports are saved only within the current working directory.
- Update RAG pipeline documentation to use Mermaid for improved flow diagram rendering.
- Converted generic text code blocks to specific formats like yaml, bash, math, and python.
- Improves syntax highlighting and semantic understanding of examples.
- Replaced several text blocks with Markdown tables for enhanced readability.
- Provides a clearer, more structured presentation for key concepts.
- Removed redundant horizontal rules at the end of the chapter.
- Reformat various attack examples and flows into more structured tables or code blocks.
- Convert plain text and generic YAML blocks to specific python, markdown, or yaml code fences.
- Update table headers and content for enhanced clarity and consistency across the document.
- Standardize the presentation of attack methodologies and vulnerability scan results.
- Enhance overall documentation readability for complex security concepts.
- Converted various plain text and code block examples into structured Markdown tables or YAML.
- Improved readability and clarity of complex attack scenarios and processes.
- Enhanced the visual presentation of security concepts within the chapter.
- Applied to examples including model naming, backdoor triggers, data poisoning, and supply chain attacks.
- Restructure the Content field in the RAG pipeline example.
- Convert the content from a single multi-line string to a list of items.
- Explicitly define question/answer pairs and system instruction injections.
- Improve the clarity and readability of the YAML example for RAG content.
- The example malicious document in the RAG pipelines chapter was updated.
- Changed the code block from markdown to YAML syntax.
- This provides a more structured representation of the document content.
- Improves clarity and consistency of the example's presentation.
- Converted the "Example Attack" section for metadata leakage from a text block to a Markdown table.
- This change enhances readability and provides a clearer, more structured presentation of the information.
- Delineates leakage types and the specific information revealed during a metadata attack.
- Converted RAG query examples from plain text to a Markdown table.
- Updated the example Trojan Document to use a YAML code block.
- Enhanced the readability and structure of code examples within the RAG chapter.
- Convert attack flow and scenario steps into structured Markdown tables.
- Enhance readability for complex sequences like chunk reconstruction and provenance attacks.
- Update the restricted user query example to use a YAML block for better representation of multi-line responses.
- Improve overall presentation and clarity of examples within the RAG Pipelines chapter.
- Converted a plain text example block to YAML format.
- Enhances clarity and structure for the RAG pipeline attack scenario.
- Improves consistency in documentation examples.
- Reformat test cases for Retrieval Augmented Generation (RAG) pipeline vulnerabilities.
- Present test scenarios, inputs, expected behaviors, and vulnerability indicators in a clear Markdown table.
- Enhance readability and consistency of the documentation for security test cases.
- Converted the "Attacker Query Sequence" example from plain text to a Markdown table.
- Improves readability and structure of the example content.
- Enhances presentation for better understanding of the query steps and outcomes.
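The first two groups of entries in this list (URL scheme validation for LLM endpoint connections, and report output paths confined to the working directory) describe two input checks without showing them. The following is an added example, written for this page and not the project's own code, of how both checks are typically implemented in Python. Function names (`validate_endpoint_url`, `resolve_report_path`), the `allow_internal` parameter, the base directory `/srv/reports` and every input used in the demo are assumptions for illustration. The example goes one step beyond the change described: allow-listing `http`/`https` alone stops `file:`, `gopher:` and similar schemes but still lets a user-supplied endpoint point at loopback, link-local (cloud metadata) or private addresses, so the URL check also rejects internal IP literals and `localhost` by default. Hostnames are not resolved, so a public DNS name pointing at an internal address (or DNS rebinding) is not caught; that needs resolution-time filtering in the HTTP client.

```python
"""Allow-list the scheme (and host class) of an LLM endpoint URL, and confine
report output paths to a base directory. Added example; not project code."""
import ipaddress
from pathlib import Path
from urllib.parse import urlparse

ALLOWED_SCHEMES = frozenset({"http", "https"})
# Names that reach the local machine without an IP literal (assumed list).
LOCAL_HOSTNAMES = frozenset({"localhost", "localhost.localdomain"})


def _is_internal_host(hostname: str) -> bool:
    """True for loopback, private, link-local, reserved, multicast or
    unspecified IP literals and for well-known local hostnames. Names are
    not resolved, so a public name that points at 10.0.0.1 passes."""
    if hostname.lower() in LOCAL_HOSTNAMES:
        return True
    try:
        addr = ipaddress.ip_address(hostname)
    except ValueError:
        return False  # not an IP literal
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_reserved or addr.is_multicast or addr.is_unspecified)


def validate_endpoint_url(url: str, allow_internal: bool = False) -> str:
    """Return the normalised URL if its scheme is http/https and it names a
    host; otherwise raise ValueError. urlparse() lowercases the scheme, so
    'HTTP://' is accepted and 'FILE:///etc/passwd' is rejected."""
    parsed = urlparse(url.strip())
    if parsed.scheme not in ALLOWED_SCHEMES:
        raise ValueError(
            f"disallowed URL scheme {parsed.scheme!r}; only http/https accepted")
    host = parsed.hostname  # lowercased, brackets stripped for IPv6
    if not host:
        raise ValueError("endpoint URL has no host component")
    if not allow_internal and _is_internal_host(host):
        raise ValueError(f"endpoint host {host!r} is an internal address")
    return parsed.geturl()


def resolve_report_path(filename: str, base_dir=None) -> Path:
    """Resolve `filename` under `base_dir` (default: current working
    directory) and raise ValueError if the result escapes it."""
    base = (Path(base_dir) if base_dir is not None else Path.cwd()).resolve()
    # An absolute `filename` replaces `base` in the join, and '..' segments
    # are collapsed by resolve(); both cases are caught by the containment
    # check below, which compares path components, not string prefixes
    # (so '/srv/reports-evil' is not inside '/srv/reports').
    candidate = (base / filename).resolve()
    try:
        rel = candidate.relative_to(base)
    except ValueError:
        raise ValueError(f"report path {filename!r} escapes {base}") from None
    if not rel.parts:  # '' or '.' would target the directory itself
        raise ValueError("report path must name a file inside the base dir")
    return candidate


def is_allowed_endpoint(url: str, allow_internal: bool = False) -> bool:
    try:
        validate_endpoint_url(url, allow_internal)
        return True
    except ValueError:
        return False


def is_safe_report_path(filename: str, base_dir=None) -> bool:
    try:
        resolve_report_path(filename, base_dir)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed inputs for the demo; none come from a real target.
    for u in ("https://api.example.com/v1/chat/completions",
              "file:///etc/passwd",
              "gopher://127.0.0.1:11211/_stats",
              "http://169.254.169.254/latest/meta-data/",
              "http://localhost:11434/api/generate"):
        print(f"{u!r:55} allowed={is_allowed_endpoint(u)}")
    for p in ("results/run1.json", "../../etc/passwd", "/etc/passwd",
              "../reports-evil/x.json"):
        print(f"{p!r:30} safe={is_safe_report_path(p, '/srv/reports')}")
```

Pass `allow_internal=True` only for deployments that deliberately talk to a local model server (for example an Ollama instance on `localhost`), and prefer a configuration flag over letting the endpoint string itself decide.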