feat: add timeout parameter to ChatSession.say()#183
i-anubhav-anand wants to merge 13 commits into
What's New

New Features & Enhancements

- Introduced Multistage Attack: We've added a novel `multistage_depth` parameter to the `start_testing()` function, allowing users to specify the depth of a dialogue during testing, enabling more sophisticated and targeted LLM Red teaming strategies.
- Refactored Sycophancy Attack: The `sycophancy_test` has been renamed to `sycophancy`, transforming it into a multistage attack for increased effectiveness in uncovering model vulnerabilities.
- Enhanced Logical Inconsistencies Attack: The `logical_inconsistencies_test` has been renamed to `logical_inconsistencies` and restructured as a multistage attack to better detect and exploit logical weaknesses within language models.
- New Multistage Harmful Behavior Attack: Introducing `harmful_behaviour_multistage`, a more nuanced version of the original harmful behavior attack, designed for deeper penetration testing.
- Innovative System Prompt Leakage Attack: We've developed a new multistage attack, `system_prompt_leakage`, leveraging jailbreak examples from dataset to target and exploit model internals.

Improvements & Refinements

- Conducted extensive refactoring for improved code efficiency and maintainability across the framework.
- Made numerous small improvements and optimizations to enhance overall performance and user experience.

---------

Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
* small fix for attacks and add strip parameter for ChatSession

---------

Co-authored-by: Низамов Тимур Дамирович <abc@nizamovtimur.ru>
* Add Crescendo attack
* Add BON attack
* Add Docker example with Jupyter Notebook and installed LLAMATOR
* Improve attack system prompt for Prompt Leakage
* Other minor improvements and bug fixes

---------

Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
* Add HarmBench Prompts
* Add Suffix Attack
* Remake Harmful Behavior Attack

---------

Co-authored-by: Shine-afk <belyaevskij.nikita@gmail.com>
Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
* Add video guides about Red Teaming and LLAMATOR
* Update Documentation: copyright, guides section
* Fix null checking for multistage attacks
* Enhance sycophancy

---------

Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
* Update LangChain versions;
* Improve console output and progress bars;
* Changed the way of setting parameters for the test start function;
* Attack class now includes dictionaries with descriptions of various aspects of an attack;
* Add verification for attack parameters;
* Added a function for displaying templates with written attack presets;
* Add a new config for the judge model, allowing it to be specified as a separate model;
* Update examples in Jupyter notebooks;
* Update the logging order of attack steps;
* Add handling for emergency attack stoppages;
* Add Shuffle Inconsistency attack (Original Paper: https://arxiv.org/html/2501.04931);
* Add to attacks with datasets custom parameter for another dataset;
* Refactor judge models interaction for Ethical Compliance, Logical Inconsistencies, Sycophancy tests;

---------

Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
* Enhance documentation and add judge model validation checks
* Add chat badge to project overview and README for community engagement
* Add Autodan Turbo
* Add Dialogue Injection Attack
* Switch parquet engine from fastparquet to pyarrow

---------

Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
Co-authored-by: Artyom Semenov <129667548+wearetyomsmnv@users.noreply.github.com>
Co-authored-by: 3ndetz <jayrawrr3@gmail.com>
* Added Deceptive Delight
* Added Dialogue Injection Continuation
* Added VLM Lowres PDFs Attack
* Added VLM M-Attack
* Added VLM Text Hallucination Attack
* Introduced support for Vision Language Model (VLM) attacks, expanding the framework's multimodal testing capabilities
* Added Dialogue Injection Developer Mode (formerly "Dialog Injection")
* Renamed Harmful Behavior Multistage to PAIR
* Added scoring to PAIR attack via the Judge Model
* Revised and translated Harmbench dataset into Russian
* Added `language` column to datasets and enabled filtering attacks by language
* Updated `start_testing` to return a dictionary object with test results
* Removed Complimentary Transition
* Removed Typoglycemia Attack
* Removed legacy `RU_*` attacks (now handled via language-based dataset filtering)

---------

Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
Co-authored-by: 3ndetz <jayrawrr3@gmail.com>
Co-authored-by: ti3c2 <ti3c2@yandex.com>
Co-authored-by: svyatocheck <svyatwork2@gmail.com>
Co-authored-by: Egorov, Michil <michil.egorov@x5.ru>
1. **Redesigned the output of testing parameter presets.** Added the following presets: `all`, `owasp:llm01`, `owasp:llm07`, `owasp:llm09`, `llm`, `vlm`, `eng`, `rus`.
2. **Added a new Linguistic Sandwich attack.** An adversarial prompt in a low-resource language is sandwiched between benign prompts in other languages.
3. **In the System Prompt Leakage attack, the heuristic evaluation has been replaced with LLM-as-a-judge.** This checks the similarity between the system's output and the intended prompt based on the system description.
4. **The static Past Tense attack has become the dynamic Time Machine attack.** The attacking model now alters the temporal context of the adversarial prompt.
5. **Add new tag - `model`: `llm` / `vlm`**
6. **README update** - Enterprise Version announce
7. **Other minor fixes and improvements.**

---------

Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
* Refactor test preset functions to improve clarity.
* Add CoP attack.
* Add DoS Repetition Token Attack.
* Improve saving attacker's and client's answers, including empty tested client answer in case of error.
* Rename `get_tested_client_prompts` into `get_attack_prompts`.

---------

Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
* Add semantic game attack (LLAMATOR-Core#178)

---------

Co-authored-by: Rudolf Stasilovich <75040556+rudiandradi@users.noreply.github.com>
Co-authored-by: Timur Nizamov <abc@nizamovtimur.ru>
Co-authored-by: Nikita Ivanov <nikita.ivanov.778@gmail.com>
Add timeout support to ChatSession to allow users to set a maximum response wait time. Useful for detecting slow/hanging models in DoS attacks, Auto-DAN, and other attack scenarios.

- Add timeout parameter to ChatSession.__init__ (session-level default)
- Add timeout parameter to ChatSession.say() (call-level override)
- Uses ThreadPoolExecutor to enforce timeout on LLM interact calls
- Returns None and logs warning on timeout without crashing the session

Closes LLAMATOR-Core#174
Summary

Add timeout support to `ChatSession` to allow callers to set a maximum response wait time. This is useful for detecting models that are taking too long to process, which may be relevant in DoS attack vectors and Auto-DAN scenarios.

Changes

- `timeout` parameter to `ChatSession.__init__()` (session-level default)
- `timeout` parameter to `ChatSession.say()` (call-level override)
- `ThreadPoolExecutor` to enforce timeout on the LLM interact call

Testing
Closes #174
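The timeout mechanism the PR describes, as an added example that is not the PR's or LLAMATOR's own code: a hypothetical `TimeoutChatSession` whose `say()` runs the model call in a `ThreadPoolExecutor`, waits at most the session-level or call-level `timeout`, and returns `None` with a logged warning when the model stalls instead of raising. The client is assumed to be any callable that takes the message history and returns a reply; the two sample clients at the bottom are constructed to simulate a responsive and a stalled model.

```python
import logging
import time
from concurrent.futures import ThreadPoolExecutor
from concurrent.futures import TimeoutError as FutureTimeout
from typing import Callable, Dict, List, Optional

logger = logging.getLogger(__name__)
Client = Callable[[List[Dict[str, str]]], str]  # hypothetical client signature


class TimeoutChatSession:
    """Illustrative stand-in for a chat session with a bounded wait per say()."""

    def __init__(self, client: Client, timeout: Optional[float] = None) -> None:
        self.client = client          # callable(history) -> reply text
        self.timeout = timeout        # session-level default; None waits forever
        self.history: List[Dict[str, str]] = []

    def say(self, message: str, timeout: Optional[float] = None) -> Optional[str]:
        effective = self.timeout if timeout is None else timeout  # call-level override
        self.history.append({"role": "user", "content": message})
        executor = ThreadPoolExecutor(max_workers=1)
        future = executor.submit(self.client, list(self.history))
        try:
            reply = future.result(timeout=effective)
        except FutureTimeout:
            # Only the wait is abandoned: the worker thread keeps running the
            # call until it returns, so a truly hung model still holds that
            # thread (and Python joins it at interpreter exit). The session
            # itself stays usable for the next say().
            logger.warning("no reply within %ss; returning None", effective)
            self.history.pop()        # drop the unanswered turn
            return None
        finally:
            executor.shutdown(wait=False)
        self.history.append({"role": "assistant", "content": reply})
        return reply


# Constructed sample clients standing in for a fast and a stalled model.
def fast_client(history: List[Dict[str, str]]) -> str:
    return "echo: " + history[-1]["content"]


def slow_client(history: List[Dict[str, str]]) -> str:
    time.sleep(0.5)                   # simulates a model that takes too long
    return "late reply"
```

A session whose default is short can still raise the bound for a single call, which is how a per-attack override would be expressed.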