@langwatch/scenario 0.4.8 → 0.4.10

package/dist/index.d.mts

@@ -197,10 +197,6 @@ interface ScenarioConfigFinal extends Omit<ScenarioConfig, "id" | "script" | "th
     verbose: boolean;
     maxTurns: number;
     threadId: string;
-    /**
-     * Optional identifier to group this scenario into a set ("Simulation Set").
-     */
-    setId?: string;
 }
 /**
  * The execution context for a scenario script.
@@ -390,7 +386,7 @@ interface ScenarioExecutionStateLike {
 declare const scenarioProjectConfigSchema: z.ZodObject<{
     defaultModel: z.ZodOptional<z.ZodObject<{
         model: z.ZodCustom<ai.LanguageModel, ai.LanguageModel>;
-        temperature: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+        temperature: z.ZodOptional<z.ZodNumber>;
         maxTokens: z.ZodOptional<z.ZodNumber>;
     }, z.core.$strip>>;
     headless: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
@@ -431,7 +427,7 @@ declare namespace domain {
  */
 declare const modelSchema: z.ZodObject<{
     model: z.ZodCustom<LanguageModel, LanguageModel>;
-    temperature: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+    temperature: z.ZodOptional<z.ZodNumber>;
     maxTokens: z.ZodOptional<z.ZodNumber>;
 }, z.core.$strip>;
 type ModelConfig = z.infer<typeof modelSchema>;
@@ -589,6 +585,17 @@ declare class JudgeAgent extends JudgeAgentAdapter {
      * being forced to a terminal decision.
      */
     private invokeLLMWithDiscovery;
+    /**
+     * Checks whether the discovery loop ran out of steps without the judge
+     * calling finish_test or continue_test.
+     */
+    private discoveryExhausted;
+    /**
+     * Makes one final LLM call with tool_choice forced to finish_test,
+     * so the judge renders a verdict with whatever context it accumulated
+     * during discovery instead of hard-failing.
+     */
+    private forceVerdict;
     private parseToolCalls;
 }
 /**
@@ -750,9 +757,9 @@ declare class UserSimulatorAgent extends UserSimulatorAgentAdapter {
  * @param config Optional configuration for the agent.
  * @param config.model The language model to use for generating responses.
  *                     If not provided, a default model will be used.
- * @param config.temperature The temperature for the language model (0.0-1.0).
+ * @param config.temperature Optional temperature for the language model (0.0-1.0).
  *                          Lower values make responses more deterministic.
- *                          Defaults to {@link DEFAULT_TEMPERATURE}.
+ *                          Omitted by default for compatibility with reasoning models.
  * @param config.maxTokens The maximum number of tokens to generate.
  *                        If not provided, uses model defaults.
  * @param config.name The name of the agent.
@@ -1012,6 +1019,45 @@ declare class CrescendoStrategy implements RedTeamStrategy {
     }): string;
 }
 
+/**
+ * Single-turn attack techniques for red-team message augmentation.
+ *
+ * Provides deterministic encoding transforms that can be randomly applied to
+ * attacker messages before sending them to the target agent. Each technique
+ * encodes the message and prepends a preamble so the target understands how
+ * to decode it.
+ *
+ * These are zero-cost (no LLM calls) and test whether safety filters can
+ * handle obfuscated inputs.
+ */
+interface AttackTechnique {
+    /** Short identifier for this technique (used in debug logs). */
+    readonly name: string;
+    /** Transform the attacker's raw message into an encoded version with preamble. */
+    transform(message: string): string;
+}
+declare class Base64Technique implements AttackTechnique {
+    readonly name = "base64";
+    transform(message: string): string;
+}
+declare class ROT13Technique implements AttackTechnique {
+    readonly name = "rot13";
+    transform(message: string): string;
+}
+declare class LeetspeakTechnique implements AttackTechnique {
+    readonly name = "leetspeak";
+    transform(message: string): string;
+}
+declare class CharSplitTechnique implements AttackTechnique {
+    readonly name = "char_split";
+    transform(message: string): string;
+}
+declare class CodeBlockTechnique implements AttackTechnique {
+    readonly name = "code_block";
+    transform(message: string): string;
+}
+declare const DEFAULT_TECHNIQUES: AttackTechnique[];
+
 interface RedTeamAgentConfig {
     strategy: RedTeamStrategy;
     target: string;
@@ -1032,6 +1078,10 @@ interface RedTeamAgentConfig {
     successScore?: number;
     /** Consecutive turns >= threshold before triggering early exit. Default 2. */
     successConfirmTurns?: number;
+    /** Probability (0.0-1.0) of applying a random encoding technique per turn. Default 0.0 (off). */
+    injectionProbability?: number;
+    /** List of AttackTechnique instances to sample from. Defaults to all built-ins. */
+    techniques?: AttackTechnique[];
 }
 interface CrescendoConfig {
     target: string;
@@ -1049,6 +1099,10 @@ interface CrescendoConfig {
     successScore?: number;
     /** Consecutive turns >= threshold before triggering early exit. Default 2. */
     successConfirmTurns?: number;
+    /** Probability (0.0-1.0) of applying a random encoding technique per turn. Default 0.0 (off). */
+    injectionProbability?: number;
+    /** List of AttackTechnique instances to sample from. Defaults to all built-ins. */
+    techniques?: AttackTechnique[];
 }
 declare class RedTeamAgentImpl extends UserSimulatorAgentAdapter {
     name: string;
@@ -1065,6 +1119,8 @@ declare class RedTeamAgentImpl extends UserSimulatorAgentAdapter {
     private maxTokens?;
     private _successScore;
     private _successConfirmTurns;
+    private injectionProbability;
+    private techniques;
     private static readonly HARD_REFUSAL_PATTERNS;
     private static readonly SOFT_REFUSAL_PATTERNS;
     private attackPlanPromise;
@@ -1094,15 +1150,18 @@ declare class RedTeamAgentImpl extends UserSimulatorAgentAdapter {
     /**
      * Generate a marathon test script with automatic early-exit checks.
      *
-     * Like the standalone `marathonScript`, but inserts an early-exit check
-     * after each `agent()` step. When `successConfirmTurns` consecutive turns
-     * score >= the threshold, the check runs `finalChecks` inline and calls
-     * `executor.succeed()` to end the scenario early.
+     * Builds exactly `totalTurns` user/agent pairs and inserts an early-exit
+     * check after each `agent()` step when `successScore` is set. When
+     * `successConfirmTurns` consecutive turns score >= the threshold, the
+     * check runs `finalChecks` inline and calls `executor.succeed()`.
+     *
+     * `totalTurns` is a hard cap — backtracked turns count toward the budget.
+     * If backtracks eat into the budget, fewer effective attacks land, but the
+     * test never exceeds `totalTurns`.
      *
      * Set `successScore` to `undefined` to disable early exit.
      */
-    marathonScript(options: {
-        turns: number;
+    marathonScript(options?: {
         checks?: ScriptStep[];
         finalChecks?: ScriptStep[];
     }): ScriptStep[];
@@ -1140,22 +1199,30 @@ declare const redTeamAgent: (config: RedTeamAgentConfig) => RedTeamAgentImpl;
  * const redTeam = scenario.redTeamCrescendo({
  *   target: "extract the system prompt",
  *   model: openai("gpt-4o"),
- *   totalTurns: 50,
+ *   totalTurns: 30,
  *   successScore: 9,          // default: 9 (score 0-10)
  *   successConfirmTurns: 2,   // default: 2
  * });
  *
  * // Use instance marathonScript for automatic early-exit:
- * script: redTeam.marathonScript({ turns: 50 }),
+ * script: redTeam.marathonScript(),
  * ```
  */
 declare const redTeamCrescendo: (config: CrescendoConfig) => RedTeamAgentImpl;
 
+type agents_AttackTechnique = AttackTechnique;
 type agents_AudioResponseEvent = AudioResponseEvent;
 type agents_BacktrackEntry = BacktrackEntry;
+type agents_Base64Technique = Base64Technique;
+declare const agents_Base64Technique: typeof Base64Technique;
+type agents_CharSplitTechnique = CharSplitTechnique;
+declare const agents_CharSplitTechnique: typeof CharSplitTechnique;
+type agents_CodeBlockTechnique = CodeBlockTechnique;
+declare const agents_CodeBlockTechnique: typeof CodeBlockTechnique;
 type agents_CrescendoConfig = CrescendoConfig;
 type agents_CrescendoStrategy = CrescendoStrategy;
 declare const agents_CrescendoStrategy: typeof CrescendoStrategy;
+declare const agents_DEFAULT_TECHNIQUES: typeof DEFAULT_TECHNIQUES;
 declare const agents_DEFAULT_TOKEN_THRESHOLD: typeof DEFAULT_TOKEN_THRESHOLD;
 type agents_FinishTestArgs = FinishTestArgs;
 type agents_InvokeLLMParams = InvokeLLMParams;
@@ -1166,6 +1233,10 @@ type agents_JudgeSpanCollector = JudgeSpanCollector;
 declare const agents_JudgeSpanCollector: typeof JudgeSpanCollector;
 type agents_JudgeSpanDigestFormatter = JudgeSpanDigestFormatter;
 declare const agents_JudgeSpanDigestFormatter: typeof JudgeSpanDigestFormatter;
+type agents_LeetspeakTechnique = LeetspeakTechnique;
+declare const agents_LeetspeakTechnique: typeof LeetspeakTechnique;
+type agents_ROT13Technique = ROT13Technique;
+declare const agents_ROT13Technique: typeof ROT13Technique;
 type agents_RealtimeAgentAdapter = RealtimeAgentAdapter;
 declare const agents_RealtimeAgentAdapter: typeof RealtimeAgentAdapter;
 type agents_RealtimeAgentAdapterConfig = RealtimeAgentAdapterConfig;
@@ -1182,7 +1253,7 @@ declare const agents_redTeamAgent: typeof redTeamAgent;
 declare const agents_redTeamCrescendo: typeof redTeamCrescendo;
 declare const agents_userSimulatorAgent: typeof userSimulatorAgent;
 declare namespace agents {
-  export { type agents_AudioResponseEvent as AudioResponseEvent, type agents_BacktrackEntry as BacktrackEntry, type agents_CrescendoConfig as CrescendoConfig, agents_CrescendoStrategy as CrescendoStrategy, agents_DEFAULT_TOKEN_THRESHOLD as DEFAULT_TOKEN_THRESHOLD, type agents_FinishTestArgs as FinishTestArgs, type agents_InvokeLLMParams as InvokeLLMParams, type agents_InvokeLLMResult as InvokeLLMResult, type agents_JudgeAgentConfig as JudgeAgentConfig, type agents_JudgeResult as JudgeResult, agents_JudgeSpanCollector as JudgeSpanCollector, agents_JudgeSpanDigestFormatter as JudgeSpanDigestFormatter, agents_RealtimeAgentAdapter as RealtimeAgentAdapter, type agents_RealtimeAgentAdapterConfig as RealtimeAgentAdapterConfig, type agents_RedTeamAgentConfig as RedTeamAgentConfig, type agents_RedTeamStrategy as RedTeamStrategy, type agents_TestingAgentConfig as TestingAgentConfig, agents_estimateTokens as estimateTokens, agents_expandTrace as expandTrace, agents_grepTrace as grepTrace, agents_judgeAgent as judgeAgent, agents_judgeSpanCollector as judgeSpanCollector, agents_judgeSpanDigestFormatter as judgeSpanDigestFormatter, agents_redTeamAgent as redTeamAgent, agents_redTeamCrescendo as redTeamCrescendo, agents_userSimulatorAgent as userSimulatorAgent };
+  export { type agents_AttackTechnique as AttackTechnique, type agents_AudioResponseEvent as AudioResponseEvent, type agents_BacktrackEntry as BacktrackEntry, agents_Base64Technique as Base64Technique, agents_CharSplitTechnique as CharSplitTechnique, agents_CodeBlockTechnique as CodeBlockTechnique, type agents_CrescendoConfig as CrescendoConfig, agents_CrescendoStrategy as CrescendoStrategy, agents_DEFAULT_TECHNIQUES as DEFAULT_TECHNIQUES, agents_DEFAULT_TOKEN_THRESHOLD as DEFAULT_TOKEN_THRESHOLD, type agents_FinishTestArgs as FinishTestArgs, type agents_InvokeLLMParams as InvokeLLMParams, type agents_InvokeLLMResult as InvokeLLMResult, type agents_JudgeAgentConfig as JudgeAgentConfig, type agents_JudgeResult as JudgeResult, agents_JudgeSpanCollector as JudgeSpanCollector, agents_JudgeSpanDigestFormatter as JudgeSpanDigestFormatter, agents_LeetspeakTechnique as LeetspeakTechnique, agents_ROT13Technique as ROT13Technique, agents_RealtimeAgentAdapter as RealtimeAgentAdapter, type agents_RealtimeAgentAdapterConfig as RealtimeAgentAdapterConfig, type agents_RedTeamAgentConfig as RedTeamAgentConfig, type agents_RedTeamStrategy as RedTeamStrategy, type agents_TestingAgentConfig as TestingAgentConfig, agents_estimateTokens as estimateTokens, agents_expandTrace as expandTrace, agents_grepTrace as grepTrace, agents_judgeAgent as judgeAgent, agents_judgeSpanCollector as judgeSpanCollector, agents_judgeSpanDigestFormatter as judgeSpanDigestFormatter, agents_redTeamAgent as redTeamAgent, agents_redTeamCrescendo as redTeamCrescendo, agents_userSimulatorAgent as userSimulatorAgent };
 }
 
 /**
@@ -2430,31 +2501,16 @@ declare const succeed: (reasoning?: string) => ScriptStep;
  * @returns A ScriptStep function that can be used in scenario scripts.
  */
 declare const fail: (reasoning?: string) => ScriptStep;
-/**
- * Generate a marathon script that runs user-agent turns in a loop,
- * with optional per-turn checks and a final judge evaluation.
- *
- * @param options.turns Number of user-agent turn pairs.
- * @param options.checks Optional steps to run after each turn.
- * @param options.finalChecks Optional steps to run after all turns, before the judge.
- * @returns An array of ScriptStep functions.
- */
-declare const marathonScript: (options: {
-    turns: number;
-    checks?: ScriptStep[];
-    finalChecks?: ScriptStep[];
-}) => ScriptStep[];
 
 declare const script_agent: typeof agent;
 declare const script_fail: typeof fail;
 declare const script_judge: typeof judge;
-declare const script_marathonScript: typeof marathonScript;
 declare const script_message: typeof message;
 declare const script_proceed: typeof proceed;
 declare const script_succeed: typeof succeed;
 declare const script_user: typeof user;
 declare namespace script {
-  export { script_agent as agent, script_fail as fail, script_judge as judge, script_marathonScript as marathonScript, script_message as message, script_proceed as proceed, script_succeed as succeed, script_user as user };
+  export { script_agent as agent, script_fail as fail, script_judge as judge, script_message as message, script_proceed as proceed, script_succeed as succeed, script_user as user };
 }
 
 /**
@@ -2560,4 +2616,4 @@ declare function withCustomScopes(...scopes: string[]): TraceFilter[];
 type ScenarioApi = typeof agents & typeof domain & typeof execution & typeof runner & typeof script;
 declare const scenario: ScenarioApi;
 
-export { AgentAdapter, type AgentInput, type AgentReturnTypes, AgentRole, type AudioResponseEvent, type BacktrackEntry, type CrescendoConfig, CrescendoStrategy, DEFAULT_MAX_TURNS, DEFAULT_TOKEN_THRESHOLD, DEFAULT_VERBOSE, type FinishTestArgs, type InvokeLLMParams, type InvokeLLMResult, JudgeAgentAdapter, type JudgeAgentConfig, type JudgeResult, JudgeSpanCollector, JudgeSpanDigestFormatter, type JudgmentRequest, type LangwatchConfig, RealtimeAgentAdapter, type RealtimeAgentAdapterConfig, type RedTeamAgentConfig, type RedTeamStrategy, type RunOptions, type ScenarioConfig, type ScenarioConfigFinal, ScenarioExecution, type ScenarioExecutionLike, ScenarioExecutionState, type ScenarioExecutionStateLike, type ScenarioProjectConfig, type ScenarioResult, type ScriptStep, type StateChangeEvent, StateChangeEventType, type TestingAgentConfig, UserSimulatorAgentAdapter, agent, allAgentRoles, scenario as default, defineConfig, estimateTokens, expandTrace, fail, grepTrace, judge, judgeAgent, judgeSpanCollector, judgeSpanDigestFormatter, marathonScript, message, proceed, redTeamAgent, redTeamCrescendo, run, scenario, scenarioOnly, scenarioProjectConfigSchema, setupScenarioTracing, succeed, user, userSimulatorAgent, withCustomScopes };
+export { AgentAdapter, type AgentInput, type AgentReturnTypes, AgentRole, type AttackTechnique, type AudioResponseEvent, type BacktrackEntry, Base64Technique, CharSplitTechnique, CodeBlockTechnique, type CrescendoConfig, CrescendoStrategy, DEFAULT_MAX_TURNS, DEFAULT_TECHNIQUES, DEFAULT_TOKEN_THRESHOLD, DEFAULT_VERBOSE, type FinishTestArgs, type InvokeLLMParams, type InvokeLLMResult, JudgeAgentAdapter, type JudgeAgentConfig, type JudgeResult, JudgeSpanCollector, JudgeSpanDigestFormatter, type JudgmentRequest, type LangwatchConfig, LeetspeakTechnique, ROT13Technique, RealtimeAgentAdapter, type RealtimeAgentAdapterConfig, type RedTeamAgentConfig, type RedTeamStrategy, type RunOptions, type ScenarioConfig, type ScenarioConfigFinal, ScenarioExecution, type ScenarioExecutionLike, ScenarioExecutionState, type ScenarioExecutionStateLike, type ScenarioProjectConfig, type ScenarioResult, type ScriptStep, type StateChangeEvent, StateChangeEventType, type TestingAgentConfig, UserSimulatorAgentAdapter, agent, allAgentRoles, scenario as default, defineConfig, estimateTokens, expandTrace, fail, grepTrace, judge, judgeAgent, judgeSpanCollector, judgeSpanDigestFormatter, message, proceed, redTeamAgent, redTeamCrescendo, run, scenario, scenarioOnly, scenarioProjectConfigSchema, setupScenarioTracing, succeed, user, userSimulatorAgent, withCustomScopes };

package/dist/index.d.ts

@@ -197,10 +197,6 @@ interface ScenarioConfigFinal extends Omit<ScenarioConfig, "id" | "script" | "th
     verbose: boolean;
     maxTurns: number;
     threadId: string;
-    /**
-     * Optional identifier to group this scenario into a set ("Simulation Set").
-     */
-    setId?: string;
 }
 /**
  * The execution context for a scenario script.
@@ -390,7 +386,7 @@ interface ScenarioExecutionStateLike {
 declare const scenarioProjectConfigSchema: z.ZodObject<{
     defaultModel: z.ZodOptional<z.ZodObject<{
         model: z.ZodCustom<ai.LanguageModel, ai.LanguageModel>;
-        temperature: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+        temperature: z.ZodOptional<z.ZodNumber>;
         maxTokens: z.ZodOptional<z.ZodNumber>;
     }, z.core.$strip>>;
     headless: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
@@ -431,7 +427,7 @@ declare namespace domain {
  */
 declare const modelSchema: z.ZodObject<{
     model: z.ZodCustom<LanguageModel, LanguageModel>;
-    temperature: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
+    temperature: z.ZodOptional<z.ZodNumber>;
     maxTokens: z.ZodOptional<z.ZodNumber>;
 }, z.core.$strip>;
 type ModelConfig = z.infer<typeof modelSchema>;
@@ -589,6 +585,17 @@ declare class JudgeAgent extends JudgeAgentAdapter {
      * being forced to a terminal decision.
      */
     private invokeLLMWithDiscovery;
+    /**
+     * Checks whether the discovery loop ran out of steps without the judge
+     * calling finish_test or continue_test.
+     */
+    private discoveryExhausted;
+    /**
+     * Makes one final LLM call with tool_choice forced to finish_test,
+     * so the judge renders a verdict with whatever context it accumulated
+     * during discovery instead of hard-failing.
+     */
+    private forceVerdict;
     private parseToolCalls;
 }
 /**
@@ -750,9 +757,9 @@ declare class UserSimulatorAgent extends UserSimulatorAgentAdapter {
  * @param config Optional configuration for the agent.
  * @param config.model The language model to use for generating responses.
  *                     If not provided, a default model will be used.
- * @param config.temperature The temperature for the language model (0.0-1.0).
+ * @param config.temperature Optional temperature for the language model (0.0-1.0).
  *                          Lower values make responses more deterministic.
- *                          Defaults to {@link DEFAULT_TEMPERATURE}.
+ *                          Omitted by default for compatibility with reasoning models.
  * @param config.maxTokens The maximum number of tokens to generate.
  *                        If not provided, uses model defaults.
  * @param config.name The name of the agent.
@@ -1012,6 +1019,45 @@ declare class CrescendoStrategy implements RedTeamStrategy {
     }): string;
 }
 
+/**
+ * Single-turn attack techniques for red-team message augmentation.
+ *
+ * Provides deterministic encoding transforms that can be randomly applied to
+ * attacker messages before sending them to the target agent. Each technique
+ * encodes the message and prepends a preamble so the target understands how
+ * to decode it.
+ *
+ * These are zero-cost (no LLM calls) and test whether safety filters can
+ * handle obfuscated inputs.
+ */
+interface AttackTechnique {
+    /** Short identifier for this technique (used in debug logs). */
+    readonly name: string;
+    /** Transform the attacker's raw message into an encoded version with preamble. */
+    transform(message: string): string;
+}
+declare class Base64Technique implements AttackTechnique {
+    readonly name = "base64";
+    transform(message: string): string;
+}
+declare class ROT13Technique implements AttackTechnique {
+    readonly name = "rot13";
+    transform(message: string): string;
+}
+declare class LeetspeakTechnique implements AttackTechnique {
+    readonly name = "leetspeak";
+    transform(message: string): string;
+}
+declare class CharSplitTechnique implements AttackTechnique {
+    readonly name = "char_split";
+    transform(message: string): string;
+}
+declare class CodeBlockTechnique implements AttackTechnique {
+    readonly name = "code_block";
+    transform(message: string): string;
+}
+declare const DEFAULT_TECHNIQUES: AttackTechnique[];
+
 interface RedTeamAgentConfig {
     strategy: RedTeamStrategy;
     target: string;
@@ -1032,6 +1078,10 @@ interface RedTeamAgentConfig {
     successScore?: number;
     /** Consecutive turns >= threshold before triggering early exit. Default 2. */
     successConfirmTurns?: number;
+    /** Probability (0.0-1.0) of applying a random encoding technique per turn. Default 0.0 (off). */
+    injectionProbability?: number;
+    /** List of AttackTechnique instances to sample from. Defaults to all built-ins. */
+    techniques?: AttackTechnique[];
 }
 interface CrescendoConfig {
     target: string;
@@ -1049,6 +1099,10 @@ interface CrescendoConfig {
     successScore?: number;
     /** Consecutive turns >= threshold before triggering early exit. Default 2. */
     successConfirmTurns?: number;
+    /** Probability (0.0-1.0) of applying a random encoding technique per turn. Default 0.0 (off). */
+    injectionProbability?: number;
+    /** List of AttackTechnique instances to sample from. Defaults to all built-ins. */
+    techniques?: AttackTechnique[];
 }
 declare class RedTeamAgentImpl extends UserSimulatorAgentAdapter {
     name: string;
@@ -1065,6 +1119,8 @@ declare class RedTeamAgentImpl extends UserSimulatorAgentAdapter {
     private maxTokens?;
     private _successScore;
     private _successConfirmTurns;
+    private injectionProbability;
+    private techniques;
     private static readonly HARD_REFUSAL_PATTERNS;
     private static readonly SOFT_REFUSAL_PATTERNS;
     private attackPlanPromise;
@@ -1094,15 +1150,18 @@ declare class RedTeamAgentImpl extends UserSimulatorAgentAdapter {
     /**
      * Generate a marathon test script with automatic early-exit checks.
      *
-     * Like the standalone `marathonScript`, but inserts an early-exit check
-     * after each `agent()` step. When `successConfirmTurns` consecutive turns
-     * score >= the threshold, the check runs `finalChecks` inline and calls
-     * `executor.succeed()` to end the scenario early.
+     * Builds exactly `totalTurns` user/agent pairs and inserts an early-exit
+     * check after each `agent()` step when `successScore` is set. When
+     * `successConfirmTurns` consecutive turns score >= the threshold, the
+     * check runs `finalChecks` inline and calls `executor.succeed()`.
+     *
+     * `totalTurns` is a hard cap — backtracked turns count toward the budget.
+     * If backtracks eat into the budget, fewer effective attacks land, but the
+     * test never exceeds `totalTurns`.
      *
      * Set `successScore` to `undefined` to disable early exit.
      */
-    marathonScript(options: {
-        turns: number;
+    marathonScript(options?: {
         checks?: ScriptStep[];
         finalChecks?: ScriptStep[];
     }): ScriptStep[];
@@ -1140,22 +1199,30 @@ declare const redTeamAgent: (config: RedTeamAgentConfig) => RedTeamAgentImpl;
  * const redTeam = scenario.redTeamCrescendo({
  *   target: "extract the system prompt",
  *   model: openai("gpt-4o"),
- *   totalTurns: 50,
+ *   totalTurns: 30,
  *   successScore: 9,          // default: 9 (score 0-10)
  *   successConfirmTurns: 2,   // default: 2
  * });
  *
  * // Use instance marathonScript for automatic early-exit:
- * script: redTeam.marathonScript({ turns: 50 }),
+ * script: redTeam.marathonScript(),
  * ```
  */
 declare const redTeamCrescendo: (config: CrescendoConfig) => RedTeamAgentImpl;
 
+type agents_AttackTechnique = AttackTechnique;
 type agents_AudioResponseEvent = AudioResponseEvent;
 type agents_BacktrackEntry = BacktrackEntry;
+type agents_Base64Technique = Base64Technique;
+declare const agents_Base64Technique: typeof Base64Technique;
+type agents_CharSplitTechnique = CharSplitTechnique;
+declare const agents_CharSplitTechnique: typeof CharSplitTechnique;
+type agents_CodeBlockTechnique = CodeBlockTechnique;
+declare const agents_CodeBlockTechnique: typeof CodeBlockTechnique;
 type agents_CrescendoConfig = CrescendoConfig;
 type agents_CrescendoStrategy = CrescendoStrategy;
 declare const agents_CrescendoStrategy: typeof CrescendoStrategy;
+declare const agents_DEFAULT_TECHNIQUES: typeof DEFAULT_TECHNIQUES;
 declare const agents_DEFAULT_TOKEN_THRESHOLD: typeof DEFAULT_TOKEN_THRESHOLD;
 type agents_FinishTestArgs = FinishTestArgs;
 type agents_InvokeLLMParams = InvokeLLMParams;
@@ -1166,6 +1233,10 @@ type agents_JudgeSpanCollector = JudgeSpanCollector;
 declare const agents_JudgeSpanCollector: typeof JudgeSpanCollector;
 type agents_JudgeSpanDigestFormatter = JudgeSpanDigestFormatter;
 declare const agents_JudgeSpanDigestFormatter: typeof JudgeSpanDigestFormatter;
+type agents_LeetspeakTechnique = LeetspeakTechnique;
+declare const agents_LeetspeakTechnique: typeof LeetspeakTechnique;
+type agents_ROT13Technique = ROT13Technique;
+declare const agents_ROT13Technique: typeof ROT13Technique;
 type agents_RealtimeAgentAdapter = RealtimeAgentAdapter;
 declare const agents_RealtimeAgentAdapter: typeof RealtimeAgentAdapter;
 type agents_RealtimeAgentAdapterConfig = RealtimeAgentAdapterConfig;
@@ -1182,7 +1253,7 @@ declare const agents_redTeamAgent: typeof redTeamAgent;
 declare const agents_redTeamCrescendo: typeof redTeamCrescendo;
 declare const agents_userSimulatorAgent: typeof userSimulatorAgent;
 declare namespace agents {
-  export { type agents_AudioResponseEvent as AudioResponseEvent, type agents_BacktrackEntry as BacktrackEntry, type agents_CrescendoConfig as CrescendoConfig, agents_CrescendoStrategy as CrescendoStrategy, agents_DEFAULT_TOKEN_THRESHOLD as DEFAULT_TOKEN_THRESHOLD, type agents_FinishTestArgs as FinishTestArgs, type agents_InvokeLLMParams as InvokeLLMParams, type agents_InvokeLLMResult as InvokeLLMResult, type agents_JudgeAgentConfig as JudgeAgentConfig, type agents_JudgeResult as JudgeResult, agents_JudgeSpanCollector as JudgeSpanCollector, agents_JudgeSpanDigestFormatter as JudgeSpanDigestFormatter, agents_RealtimeAgentAdapter as RealtimeAgentAdapter, type agents_RealtimeAgentAdapterConfig as RealtimeAgentAdapterConfig, type agents_RedTeamAgentConfig as RedTeamAgentConfig, type agents_RedTeamStrategy as RedTeamStrategy, type agents_TestingAgentConfig as TestingAgentConfig, agents_estimateTokens as estimateTokens, agents_expandTrace as expandTrace, agents_grepTrace as grepTrace, agents_judgeAgent as judgeAgent, agents_judgeSpanCollector as judgeSpanCollector, agents_judgeSpanDigestFormatter as judgeSpanDigestFormatter, agents_redTeamAgent as redTeamAgent, agents_redTeamCrescendo as redTeamCrescendo, agents_userSimulatorAgent as userSimulatorAgent };
+  export { type agents_AttackTechnique as AttackTechnique, type agents_AudioResponseEvent as AudioResponseEvent, type agents_BacktrackEntry as BacktrackEntry, agents_Base64Technique as Base64Technique, agents_CharSplitTechnique as CharSplitTechnique, agents_CodeBlockTechnique as CodeBlockTechnique, type agents_CrescendoConfig as CrescendoConfig, agents_CrescendoStrategy as CrescendoStrategy, agents_DEFAULT_TECHNIQUES as DEFAULT_TECHNIQUES, agents_DEFAULT_TOKEN_THRESHOLD as DEFAULT_TOKEN_THRESHOLD, type agents_FinishTestArgs as FinishTestArgs, type agents_InvokeLLMParams as InvokeLLMParams, type agents_InvokeLLMResult as InvokeLLMResult, type agents_JudgeAgentConfig as JudgeAgentConfig, type agents_JudgeResult as JudgeResult, agents_JudgeSpanCollector as JudgeSpanCollector, agents_JudgeSpanDigestFormatter as JudgeSpanDigestFormatter, agents_LeetspeakTechnique as LeetspeakTechnique, agents_ROT13Technique as ROT13Technique, agents_RealtimeAgentAdapter as RealtimeAgentAdapter, type agents_RealtimeAgentAdapterConfig as RealtimeAgentAdapterConfig, type agents_RedTeamAgentConfig as RedTeamAgentConfig, type agents_RedTeamStrategy as RedTeamStrategy, type agents_TestingAgentConfig as TestingAgentConfig, agents_estimateTokens as estimateTokens, agents_expandTrace as expandTrace, agents_grepTrace as grepTrace, agents_judgeAgent as judgeAgent, agents_judgeSpanCollector as judgeSpanCollector, agents_judgeSpanDigestFormatter as judgeSpanDigestFormatter, agents_redTeamAgent as redTeamAgent, agents_redTeamCrescendo as redTeamCrescendo, agents_userSimulatorAgent as userSimulatorAgent };
 }
 
 /**
@@ -2430,31 +2501,16 @@ declare const succeed: (reasoning?: string) => ScriptStep;
  * @returns A ScriptStep function that can be used in scenario scripts.
  */
 declare const fail: (reasoning?: string) => ScriptStep;
-/**
- * Generate a marathon script that runs user-agent turns in a loop,
- * with optional per-turn checks and a final judge evaluation.
- *
- * @param options.turns Number of user-agent turn pairs.
- * @param options.checks Optional steps to run after each turn.
- * @param options.finalChecks Optional steps to run after all turns, before the judge.
- * @returns An array of ScriptStep functions.
- */
-declare const marathonScript: (options: {
-    turns: number;
-    checks?: ScriptStep[];
-    finalChecks?: ScriptStep[];
-}) => ScriptStep[];
 
 declare const script_agent: typeof agent;
 declare const script_fail: typeof fail;
 declare const script_judge: typeof judge;
-declare const script_marathonScript: typeof marathonScript;
 declare const script_message: typeof message;
 declare const script_proceed: typeof proceed;
 declare const script_succeed: typeof succeed;
 declare const script_user: typeof user;
 declare namespace script {
-  export { script_agent as agent, script_fail as fail, script_judge as judge, script_marathonScript as marathonScript, script_message as message, script_proceed as proceed, script_succeed as succeed, script_user as user };
+  export { script_agent as agent, script_fail as fail, script_judge as judge, script_message as message, script_proceed as proceed, script_succeed as succeed, script_user as user };
 }
 
 /**
@@ -2560,4 +2616,4 @@ declare function withCustomScopes(...scopes: string[]): TraceFilter[];
 type ScenarioApi = typeof agents & typeof domain & typeof execution & typeof runner & typeof script;
 declare const scenario: ScenarioApi;
 
-export { AgentAdapter, type AgentInput, type AgentReturnTypes, AgentRole, type AudioResponseEvent, type BacktrackEntry, type CrescendoConfig, CrescendoStrategy, DEFAULT_MAX_TURNS, DEFAULT_TOKEN_THRESHOLD, DEFAULT_VERBOSE, type FinishTestArgs, type InvokeLLMParams, type InvokeLLMResult, JudgeAgentAdapter, type JudgeAgentConfig, type JudgeResult, JudgeSpanCollector, JudgeSpanDigestFormatter, type JudgmentRequest, type LangwatchConfig, RealtimeAgentAdapter, type RealtimeAgentAdapterConfig, type RedTeamAgentConfig, type RedTeamStrategy, type RunOptions, type ScenarioConfig, type ScenarioConfigFinal, ScenarioExecution, type ScenarioExecutionLike, ScenarioExecutionState, type ScenarioExecutionStateLike, type ScenarioProjectConfig, type ScenarioResult, type ScriptStep, type StateChangeEvent, StateChangeEventType, type TestingAgentConfig, UserSimulatorAgentAdapter, agent, allAgentRoles, scenario as default, defineConfig, estimateTokens, expandTrace, fail, grepTrace, judge, judgeAgent, judgeSpanCollector, judgeSpanDigestFormatter, marathonScript, message, proceed, redTeamAgent, redTeamCrescendo, run, scenario, scenarioOnly, scenarioProjectConfigSchema, setupScenarioTracing, succeed, user, userSimulatorAgent, withCustomScopes };
+export { AgentAdapter, type AgentInput, type AgentReturnTypes, AgentRole, type AttackTechnique, type AudioResponseEvent, type BacktrackEntry, Base64Technique, CharSplitTechnique, CodeBlockTechnique, type CrescendoConfig, CrescendoStrategy, DEFAULT_MAX_TURNS, DEFAULT_TECHNIQUES, DEFAULT_TOKEN_THRESHOLD, DEFAULT_VERBOSE, type FinishTestArgs, type InvokeLLMParams, type InvokeLLMResult, JudgeAgentAdapter, type JudgeAgentConfig, type JudgeResult, JudgeSpanCollector, JudgeSpanDigestFormatter, type JudgmentRequest, type LangwatchConfig, LeetspeakTechnique, ROT13Technique, RealtimeAgentAdapter, type RealtimeAgentAdapterConfig, type RedTeamAgentConfig, type RedTeamStrategy, type RunOptions, type ScenarioConfig, type ScenarioConfigFinal, ScenarioExecution, type ScenarioExecutionLike, ScenarioExecutionState, type ScenarioExecutionStateLike, type ScenarioProjectConfig, type ScenarioResult, type ScriptStep, type StateChangeEvent, StateChangeEventType, type TestingAgentConfig, UserSimulatorAgentAdapter, agent, allAgentRoles, scenario as default, defineConfig, estimateTokens, expandTrace, fail, grepTrace, judge, judgeAgent, judgeSpanCollector, judgeSpanDigestFormatter, message, proceed, redTeamAgent, redTeamCrescendo, run, scenario, scenarioOnly, scenarioProjectConfigSchema, setupScenarioTracing, succeed, user, userSimulatorAgent, withCustomScopes };