avise.sets package

avise.sets.languagemodel.multi_turn.context_test module

Context test for multi-turn conversations.

Tests whether the LLM correctly interprets the conversation context across multiple turns. The full conversation history is sent with each API call.

class avise.sets.languagemodel.multi_turn.context_test.ContextTest[source]

Bases: BaseSETPipeline

Context Test SET.

description: str = 'A simple test for multi-turn conversations where the conversation history is passed to the target'
evaluate(execution_data: OutputData) List[EvaluationResult][source]

Evaluate the SET outputs with evaluators.

Parameters:

execution_data – OutputData from execute()

Returns:

Evaluation of each SET

Return type:

List[EvaluationResult]

Requirements:
  • Must produce one EvaluationResult per ExecutionOutput

  • Status must be “passed”, “failed”, or “error” TODO: Something else?

  • Reason should explain the SET status. Why did the SET pass, fail or cause an error?

execute(connector: BaseLMConnector, sets: List[LanguageModelSETCase]) OutputData[source]

Run the SETs against the target.

Parameters:
  • connector – A connector instance

  • sets – List of SET cases from initialize()

Returns:

All SET outputs along with the execution time.

Return type:

OutputData

Requirements:
  • Must produce one ExecutionOutput per LanguageModelSETCase.

  • Metadata from LanguageModelSETCase should be carried through for final report.

  • Errors should be placed in ExecutionOutput.error for later inspection.

initialize(set_config_path: str) List[LanguageModelSETCase][source]

Load and return SET cases from configuration files.

Parameters:

set_config_path – Path to SET configuration file

Returns:

SET cases used in the run

Return type:

List[LanguageModelSETCase]

Requirements:
  • Each SET case must at least contain an ID and a prompt

  • Additional data related to the SETs goes into the metadata

name: str = 'Context test'
report(results: List[EvaluationResult], output_path: str, report_format: ReportFormat = ReportFormat.JSON, generate_ai_summary: bool = True) ReportData[source]

Generate the final report in the desired format and save it to target location.

Parameters:
  • results – List[EvaluationResult] from evaluate()

  • output_path – Path for output file (../user/reports/..)

  • report_format – Report format (JSON, TOML, YAML, …); defaults to JSON.

  • generate_ai_summary – Whether to generate AI summary (optional)

Returns:

The final report with all the SET data

Return type:

ReportData

Requirements:
  • Must write a report in the requested format to output_path

avise.sets.languagemodel.multi_turn.red_queen module

Red Queen Security Evaluation Test.

Implements the Red Queen attack (https://arxiv.org/abs/2409.17458) with some modifications. See configuration JSON for available modifications.

class avise.sets.languagemodel.multi_turn.red_queen.RedQueen[source]

Bases: BaseSETPipeline

Red Queen SET.

description: str = 'Multi-turn scenarios, where the malicious intent is concealed under the guise of preventing harm.'
evaluate(execution_data: OutputData) List[EvaluationResult][source]

Evaluate the SET outputs with evaluators.

Parameters:

execution_data – OutputData from execute()

Returns:

Evaluation of each SET

Return type:

List[EvaluationResult]

Requirements:
  • Must produce one EvaluationResult per ExecutionOutput

  • Status must be “passed”, “failed”, or “error” TODO: Something else?

  • Reason should explain the SET status. Why did the SET pass, fail or cause an error?

execute(connector: BaseLMConnector, sets: List[LanguageModelSETCase]) OutputData[source]

Run the SETs against the target.

Parameters:
  • connector – A connector instance

  • sets – List of SET cases from initialize()

Returns:

All SET outputs along with the execution time.

Return type:

OutputData

Requirements:
  • Must produce one ExecutionOutput per LanguageModelSETCase.

  • Metadata from LanguageModelSETCase should be carried through for final report.

  • Errors should be placed in ExecutionOutput.error for later inspection.

initialize(set_config_path: str) List[LanguageModelSETCase][source]

Load and return SET cases from configuration files.

Parameters:

set_config_path – Path to SET configuration file

Returns:

SET cases used in the run

Return type:

List[LanguageModelSETCase]

Requirements:
  • Each SET case must at least contain an ID and a prompt

  • Additional data related to the SETs goes into the metadata

name: str = 'Red Queen'
report(results: List[EvaluationResult], output_path: str, report_format: ReportFormat = ReportFormat.JSON, generate_ai_summary: bool = True) ReportData[source]

Generate the final report in the desired format and save it to target location.

Parameters:
  • results – List[EvaluationResult] from evaluate()

  • output_path – Path for output file (../user/reports/..)

  • report_format – Report format (JSON, TOML, YAML, …); defaults to JSON.

  • generate_ai_summary – Whether to generate AI summary (optional)

Returns:

The final report with all the SET data

Return type:

ReportData

Requirements:
  • Must write a report in the requested format to output_path

avise.sets.languagemodel.single_turn.prompt_injection module

LLM01: Prompt Injection vulnerability Security Evaluation Test.

Implements the 4-phase pipeline for testing prompt injection vulnerabilities as defined in OWASP LLM Top 10.

All 4 phases are explicitly implemented using data contracts: initialize() -> execute() -> evaluate() -> report()

class avise.sets.languagemodel.single_turn.prompt_injection.PromptInjectionTest[source]

Bases: BaseSETPipeline

An early test written for prompt injection vulnerabilities. It serves as an example of how SETs are designed and implemented with the AVISE framework.

This SET implements the complete 4-phase pipeline, shows how the inherited functions can be overridden, and how the framework's modular components can be combined.

description: str = 'SET implementation for testing prompt injection vulnerabilities (OWASP LLM01)'
determine_test_status(detections: Dict[str, Any]) Tuple[str, str][source]

Determine test status based on detection results.

Priority: vulnerability > suspicious > partial > refusal > inconclusive

evaluate(execution_data: OutputData) List[EvaluationResult][source]

Phase 3 of the testing pipeline. Evaluate the responses for prompt injection vulnerabilities.

Parameters:

execution_data – OutputData from execute()

Returns:

Evaluation for each Security Evaluation Test

Return type:

List[EvaluationResult]

execute(connector: BaseLMConnector, sets: List[LanguageModelSETCase]) OutputData[source]

Phase 2 of the testing pipeline. Execute SETs against the target model.

Parameters:
  • connector – Target connector instance

  • sets – List[LanguageModelSETCase] from initialize()

Returns:

All SET outputs along with the execution time.

Return type:

OutputData

initialize(set_config_path: str) List[LanguageModelSETCase][source]

Phase 1 of the test pipeline. Load prompt injection SET cases from configuration files.

Parameters:

set_config_path – Path to SET configuration file

Returns:

List of SET cases to be used

Return type:

List[LanguageModelSETCase]

name: str = 'Prompt Injection'
report(results: List[EvaluationResult], output_path: str, report_format: ReportFormat = ReportFormat.JSON, generate_ai_summary: bool = True) ReportData[source]

Phase 4 of the testing pipeline. Generate a report in the specified format.

Parameters:
  • results – List[EvaluationResult] from evaluate()

  • output_path – Path for output file / directory

  • report_format – Report format

  • generate_ai_summary – Whether to generate AI summary (requires eval_model config)

Returns:

The final report with all the Security Evaluation Test data

Return type:

ReportData
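The execute() and evaluate() requirements listed for the SETs above, together with the status priority of determine_test_status(), as an added Python illustration. This is not the project's code: the dataclasses, the connector signature, the detect() callable and the mapping of detection kinds to "passed"/"failed" are assumptions; only the priority order comes from the page.

```python
import time
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Optional, Tuple

@dataclass
class SETCase:                   # assumed stand-in for LanguageModelSETCase
    id: str
    prompt: str
    metadata: Dict[str, Any] = field(default_factory=dict)
@dataclass
class ExecutionOutput:           # assumed shape
    case: SETCase
    response: str
    error: Optional[str] = None  # set instead of raising, per the execute() requirements
@dataclass
class OutputData:                # assumed shape
    outputs: List[ExecutionOutput]
    execution_time: float
@dataclass
class EvaluationResult:          # assumed shape
    set_id: str
    status: str                  # "passed", "failed" or "error"
    reason: str
    metadata: Dict[str, Any]

STATUS_FOR = {"vulnerability": "failed", "suspicious": "failed", "partial": "failed",
              "refusal": "passed", "inconclusive": "passed"}  # key order = page's priority; statuses assumed

def determine_test_status(detections: Dict[str, Any]) -> Tuple[str, str]:
    for kind, status in STATUS_FOR.items():   # first hit in priority order wins
        if detections.get(kind):
            return status, f"{kind}: {detections[kind]}"
    return "passed", "no detector fired"

def execute(connector: Callable[[str], str], sets: List[SETCase]) -> OutputData:
    start, outputs = time.perf_counter(), []
    for case in sets:                         # exactly one ExecutionOutput per case
        try:
            outputs.append(ExecutionOutput(case, connector(case.prompt)))
        except Exception as exc:              # recorded in .error, not raised, so the run continues
            outputs.append(ExecutionOutput(case, "", f"{type(exc).__name__}: {exc}"))
    return OutputData(outputs, time.perf_counter() - start)

def evaluate(data: OutputData, detect: Callable[[str], Dict[str, Any]]) -> List[EvaluationResult]:
    """Exactly one EvaluationResult per output; the case metadata is carried through."""
    results = []
    for out in data.outputs:
        status, reason = (("error", f"execution failed: {out.error}") if out.error
                          else determine_test_status(detect(out.response)))
        results.append(EvaluationResult(out.case.id, status, reason, dict(out.case.metadata)))
    return results
```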