- Added detailed decision guides for local LLM deployment options and virtualization.
- Enhanced guidance for commercial LLM API testing, including cost, rate limiting, and logging.
- Provided a comprehensive overview of network isolation strategies and their GPU support.
- Introduced essential red team tooling categories and explained the use of Garak.
- Detailed the importance of kill switches, watchdog timers, and rate limiters for lab safety.
- Embed three new diagrams in Chapter 7 documentation.
- Provide visual explanations for proxy traffic interception.
- Illustrate the architectural setup for Docker-based lab isolation.
- Detail the execution flow of the custom test harness.
- Enhance readability and comprehension of complex lab setup procedures.
- Significantly expanded Chapter 7 with detailed guides and code examples for AI red teaming lab setup.
- Introduced comprehensive sections on local LLM deployment, API-based testing, and network isolation.
- Added critical safety controls including kill switches, watchdog timers, rate limiting, and cost management.
- Included advanced topics such as testing RAG, agent systems, and multi-modal models.
- Provided pre-engagement and daily operational checklists, risk management, and incident response procedures.
- Convert all prompt and attack examples from plain text to YAML format.
- Enhance the readability and structure of complex jailbreak techniques.
- Provide clearer delineation of different parts within multi-step prompts.
- Implement URL scheme validation for LLM endpoint connections.
- Mitigate Server-Side Request Forgery (SSRF) by ensuring only 'http' and 'https' schemes are allowed.
- Sanitize report output paths to prevent directory traversal attacks.
- Ensure test reports are saved only within the current working directory.
- Update RAG pipeline documentation to use Mermaid for improved flow diagram rendering.
- Converted generic text code blocks to specific formats like yaml, bash, math, and python.
- Improves syntax highlighting and semantic understanding of examples.
- Replaced several text blocks with Markdown tables for enhanced readability.
- Provides a clearer, more structured presentation for key concepts.
- Removed redundant horizontal rules at the end of the chapter.
- Reformat various attack examples and flows into more structured tables or code blocks.
- Convert plain text and generic YAML blocks to specific python, markdown, or yaml code fences.
- Update table headers and content for enhanced clarity and consistency across the document.
- Standardize the presentation of attack methodologies and vulnerability scan results.
- Enhance overall documentation readability for complex security concepts.
- Converted various plain text and code block examples into structured Markdown tables or YAML.
- Improved readability and clarity of complex attack scenarios and processes.
- Enhanced the visual presentation of security concepts within the chapter.
- Applied to examples including model naming, backdoor triggers, data poisoning, and supply chain attacks.
- Restructure the Content field in the RAG pipeline example.
- Convert the content from a single multi-line string to a list of items.
- Explicitly define question/answer pairs and system instruction injections.
- Improve the clarity and readability of the YAML example for RAG content.
- The example malicious document in the RAG pipelines chapter was updated.
- Changed the code block from markdown to YAML syntax.
- This provides a more structured representation of the document content.
- Improves clarity and consistency of the example's presentation.
- Converted the "Example Attack" section for metadata leakage from a text block to a Markdown table.
- This change enhances readability and provides a clearer, more structured presentation of the information.
- Delineates leakage types and the specific information revealed during a metadata attack.
- Converted RAG query examples from plain text to a Markdown table.
- Updated the example Trojan Document to use a YAML code block.
- Enhanced the readability and structure of code examples within the RAG chapter.
- Convert attack flow and scenario steps into structured Markdown tables.
- Enhance readability for complex sequences like chunk reconstruction and provenance attacks.
- Update the restricted user query example to use YAML block for better representation of multi-line responses.
- Improve overall presentation and clarity of examples within the RAG Pipelines chapter.
- Converted a plain text example block to YAML format.
- Enhances clarity and structure for the RAG pipeline attack scenario.
- Improves consistency in documentation examples.
- Reformat test cases for Retrieval Augmented Generation (RAG) pipeline vulnerabilities.
- Present test scenarios, inputs, expected behaviors, and vulnerability indicators in a clear Markdown table.
- Enhance readability and consistency of the documentation for security test cases.
- Converted the "Attacker Query Sequence" example from plain text to a Markdown table.
- Improves readability and structure of the example content.
- Enhances presentation for better understanding of the query steps and outcomes.