Commit Graph

317 Commits

Author SHA1 Message Date
shiva108 be3b06ba75 build(prompt-injection-tester): add typer and rich dependencies for pit script
- Add typer and rich to the prompt_injection_tester project dependencies.
- Introduce pit as a new command-line entry point in pyproject.toml.
- These dependencies are essential for developing the new pit command-line interface.
2026-01-26 16:12:49 +01:00
shiva108 1ade6e12f9 chore: ignore CLI_ARCHITECTURE.md in tools/prompt_injection_tester/. 2026-01-26 16:03:32 +01:00
shiva108 30a80f83f6 chore: ignore CLI specification for the prompt injection tester tool. 2026-01-26 15:58:03 +01:00
shiva108 5f8c0e04bc feat: Initialize git configuration and submodules, and update .gitignore to exclude common user config, IDE, and Claude-specific files. 2026-01-26 13:50:40 +01:00
shiva108 bd4dc886d9 dectection update. 2026-01-26 13:35:22 +01:00
shiva108 6432385796 feat: Add vulnerability graph and terminal exploit list images to documentation assets. 2026-01-26 13:28:55 +01:00
shiva108 aac93cb221 feat: Add model identifier configuration for target LLMs and enhance prompt injection detection patterns with refined confidence scoring. 2026-01-26 13:16:06 +01:00
shiva108 da7ec7a341 feat: Add comprehensive test suite including CLI, enhanced detection, integration, and async execution tests. 2026-01-26 13:06:47 +01:00
shiva108 d4e1c3739d style(prompt_injection_tester): apply consistent formatting and type hints
- Standardize import order across all modules in the tool.
- Introduce explicit type hints for variables and function return types to enhance code clarity.
- Remove unused imports to reduce code clutter and improve maintainability.
- Update .gitignore to exclude generated code review reports and coverage files.
- These changes improve code readability and facilitate static analysis.
2026-01-26 12:42:44 +01:00
shiva108 2022004854 refactor: Improve code quality by adding type hints, enforcing client initialization, and ignoring virtual environments. 2026-01-26 00:00:59 +01:00
shiva108 52a9b3f0a8 feat: Introduce a new prompt injection tester tool with detection modules, utilities, and a command-line interface. 2026-01-25 23:53:11 +01:00
shiva108 4d39a177cf feat: Introduce prompt injection tester framework with core models and various direct, indirect, and advanced attack patterns. 2026-01-25 23:42:21 +01:00
shiva108 5e13f6d569 docs: Add newsletter_jan_2026.md to .gitignore. 2026-01-25 23:17:20 +01:00
shiva108 2138c3f500 docs: Ignore the January 2026 AI Security Intelligence Report. 2026-01-25 00:40:08 +01:00
shiva108 830c20e81f chore: Add AI Security Intelligence Report to gitignore. 2026-01-25 00:35:47 +01:00
shiva108 c90b3bc660 chore: Remove gitbook-cli from dependencies. 2026-01-24 09:55:28 +01:00
shiva108 1f629c1f24 docs: Standardize example and scenario blocks to YAML format for improved structure and readability, and refine associated headings. 2026-01-24 09:51:17 +01:00
shiva108 7fe557e4e3 docs(jailbreaks): format examples as YAML
- Convert all prompt and attack examples from plain text to YAML format.
- Enhance the readability and structure of complex jailbreak techniques.
- Provide clearer delineation of different parts within multi-step prompts.
2026-01-23 23:29:17 +01:00
shiva108 04b0325e64 refactor: Convert code examples in Chapter 15 from plain text to structured YAML format for improved clarity. 2026-01-23 23:24:07 +01:00
shiva108 529d06f00a fix(test-orchestrator): prevent SSRF and path traversal vulnerabilities
- Implement URL scheme validation for LLM endpoint connections.
- Mitigate Server-Side Request Forgery (SSRF) by ensuring only 'http' and 'https' schemes are allowed.
- Sanitize report output paths to prevent directory traversal attacks.
- Ensure test reports are saved only within the current working directory.
- Update RAG pipeline documentation to use Mermaid for improved flow diagram rendering.
2026-01-23 16:53:28 +01:00
shiva108 4964487bbe docs(prompt-injection): enhance code block formatting and clarity
- Converted generic text code blocks to specific formats like yaml, bash, math, and python.
- Improves syntax highlighting and semantic understanding of examples.
- Replaced several text blocks with Markdown tables for enhanced readability.
- Provides a clearer, more structured presentation for key concepts.
- Removed redundant horizontal rules at the end of the chapter.
2026-01-23 16:46:14 +01:00
shiva108 6d12219cfa docs(supply-chain-security): improve readability of attack examples and flows
- Reformat various attack examples and flows into more structured tables or code blocks.
- Convert plain text and generic YAML blocks to specific python, markdown, or yaml code fences.
- Update table headers and content for enhanced clarity and consistency across the document.
- Standardize the presentation of attack methodologies and vulnerability scan results.
- Enhance overall documentation readability for complex security concepts.
2026-01-23 16:13:45 +01:00
shiva108 8c90069c91 docs(supply-chain): format attack examples as tables and YAML
- Converted various plain text and code block examples into structured Markdown tables or YAML.
- Improved readability and clarity of complex attack scenarios and processes.
- Enhanced the visual presentation of security concepts within the chapter.
- Applied to examples including model naming, backdoor triggers, data poisoning, and supply chain attacks.
2026-01-23 16:08:30 +01:00
shiva108 3dc2cc6fa6 docs(rag): update example content structure
- Restructure the Content field in the RAG pipeline example.
- Convert the content from a single multi-line string to a list of items.
- Explicitly define question/answer pairs and system instruction injections.
- Improve the clarity and readability of the YAML example for RAG content.
2026-01-23 16:02:15 +01:00
shiva108 90785b44e5 docs(rag): update malicious document example format
- The example malicious document in the RAG pipelines chapter was updated.
- Changed the code block from markdown to YAML syntax.
- This provides a more structured representation of the document content.
- Improves clarity and consistency of the example's presentation.
2026-01-23 15:56:41 +01:00
shiva108 088eeaf3df docs(rag-pipelines): refactor metadata leakage example to table
- Converted the "Example Attack" section for metadata leakage from a text block to a Markdown table.
- This change enhances readability and provides a clearer, more structured presentation of the information.
- Delineates leakage types and the specific information revealed during a metadata attack.
2026-01-23 15:53:24 +01:00
shiva108 e946e00f09 docs(rag): format example queries and trojan document
- Converted RAG query examples from plain text to a Markdown table.
- Updated the example Trojan Document to use a YAML code block.
- Enhanced the readability and structure of code examples within the RAG chapter.
2026-01-23 15:49:10 +01:00
shiva108 7fc56b8ad3 docs(rag-pipelines): improve formatting of RAG attack examples and scenarios
- Convert attack flow and scenario steps into structured Markdown tables.
- Enhance readability for complex sequences like chunk reconstruction and provenance attacks.
- Update the restricted user query example to use YAML block for better representation of multi-line responses.
- Improve overall presentation and clarity of examples within the RAG Pipelines chapter.
2026-01-23 15:44:19 +01:00
shiva108 5190be05bf docs(rag-pipelines): update RAG pipeline example format to YAML
- Converted a plain text example block to YAML format.
- Enhances clarity and structure for the RAG pipeline attack scenario.
- Improves consistency in documentation examples.
2026-01-23 15:38:24 +01:00
shiva108 cc3dfd39d4 added yaml block 2026-01-23 15:32:58 +01:00
shiva108 5c59a42179 docs(rag-pipelines): format RAG pipeline test cases as a table
- Reformat test cases for Retrieval Augmented Generation (RAG) pipeline vulnerabilities.
- Present test scenarios, inputs, expected behaviors, and vulnerability indicators in a clear Markdown table.
- Enhance readability and consistency of the documentation for security test cases.
2026-01-23 15:31:52 +01:00
shiva108 423493c24c docs(rag-pipelines): format attacker query example as table
- Converted the "Attacker Query Sequence" example from plain text to a Markdown table.
- Improves readability and structure of the example content.
- Enhances presentation for better understanding of the query steps and outcomes.
2026-01-23 15:27:42 +01:00
shiva108 2c774d4ea6 deleted node files 2026-01-23 15:22:25 +01:00
shiva108 197567bdae fda 2026-01-23 15:20:31 +01:00
shiva108 2ec4191721 adding mermaid packages 2026-01-23 15:09:56 +01:00
shiva108 91dccbba6f Remove double illustrations. 2026-01-22 23:55:33 +01:00
shiva108 4282c05b06 mermaid 2026-01-22 23:53:31 +01:00
shiva108 c84b769a01 mermaid js added 2026-01-22 23:49:27 +01:00
shiva108 d2e391097f .. 2026-01-22 23:41:07 +01:00
shiva108 c288ff9aed fix(ch07): Replace Mermaid diagrams with generated static PNGs for GitBook compatibility 2026-01-22 23:40:32 +01:00
shiva108 0523c5ee72 fix: Restore standard Mermaid markdown syntax for GitBook 2026-01-22 23:37:21 +01:00
shiva108 230f9c1806 fix: Convert Mermaid diagrams to GitBook syntax using {% mermaid %} blocks 2026-01-22 23:34:22 +01:00
shiva108 0bbd5ad728 mermaid 2026-01-22 23:29:25 +01:00
shiva108 b6f1fc6d61 Update and audit 2026-01-22 23:24:47 +01:00
shiva108 438742986b 512 2026-01-22 23:16:00 +01:00
shiva108 196179a678 udpate 41 2026-01-22 21:05:23 +01:00
shiva108 a6798c37be update 41 2026-01-22 20:58:07 +01:00
shiva108 fef2c1325d git 2026-01-22 15:27:46 +01:00
shiva108 4ac3b0e296 feat: add and embed three new diagrams to the Prompt Injection Playbook. 2026-01-22 15:12:12 +01:00
shiva108 9394bfdf3a w Refactor headings and bullet points for better readability in docs/Chapter_46_Conclusion_and_Next_Steps.md 2026-01-22 11:38:36 +01:00