shield-llm 0.1.0 → 0.1.1
- package/bin/shield-llm.js +2 -2
- package/dist/{chunk-6HLD55BG.js → chunk-XTU2RLZM.js} +5 -1
- package/dist/cli.js +2 -2
- package/dist/index.js +1 -1
- package/dist/report-template.hbs +1726 -1726
- package/package.json +10 -1
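--- a/package/bin/shield-llm.js
+++ b/package/bin/shield-llm.js
@@ -1,2 +1,2 @@
-#!/usr/bin/env node
-import "../dist/cli.js";
+#!/usr/bin/env node
+import "../dist/cli.js";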
@@ -2411,6 +2411,9 @@ function extractQuotedText(text2) {
|
|
|
2411
2411
|
}
|
|
2412
2412
|
return results;
|
|
2413
2413
|
}
|
|
2414
|
+
function escapeHtml(str) {
|
|
2415
|
+
return str.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">").replace(/"/g, """).replace(/'/g, "'");
|
|
2416
|
+
}
|
|
2414
2417
|
|
|
2415
2418
|
// ../../packages/shared/src/remediation/types.ts
|
|
2416
2419
|
var LAYER_META = {
|
|
@@ -24059,8 +24062,9 @@ function buildOwaspCoverage(map) {
|
|
|
24059
24062
|
});
|
|
24060
24063
|
}
|
|
24061
24064
|
function buildExecutiveSummary(totalVulns, critical, crescendo, combo, high, medium, totalTests, target) {
|
|
24065
|
+
const safeTarget = escapeHtml(target);
|
|
24062
24066
|
if (totalVulns === 0) {
|
|
24063
|
-
return `The assessment identified <strong>no vulnerabilities</strong> across ${totalTests} automated tests mapped to the OWASP LLM Top 10 2025 framework. The chatbot at <strong>${
|
|
24067
|
+
return `The assessment identified <strong>no vulnerabilities</strong> across ${totalTests} automated tests mapped to the OWASP LLM Top 10 2025 framework. The chatbot at <strong>${safeTarget}</strong> successfully defended against all attack vectors tested. No immediate action is required.`;
|
|
24064
24068
|
}
|
|
24065
24069
|
const parts = [];
|
|
24066
24070
|
if (critical > 0) parts.push(`${critical} critical`);
|
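Review bot: `escapeHtml` calls `str.replace` with no type check, and `buildExecutiveSummary` now runs it on `target` unconditionally, so a `target` that is undefined or not a string would throw a TypeError during report generation where the old template literal only stringified it; coercing at the call, `const safeTarget = escapeHtml(String(target ?? ""));`, avoids that. Only the `totalVulns === 0` return is shown using `safeTarget`; the function body continues outside the hunk, so the remaining returns should be confirmed to interpolate `safeTarget` and not the raw `target`. A short comment on `escapeHtml` would help, for example `// Escapes & < > " ' for HTML text and quoted attribute values; not sufficient for URL, script or style contexts.` The replacement strings appear entity-decoded on this page (`"&"`, `"<"`), presumably a rendering artefact, so the real entities should be checked in the published file.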
package/dist/cli.js
|
@@ -16,7 +16,7 @@ import {
|
|
|
16
16
|
generatePdf,
|
|
17
17
|
loadConfig,
|
|
18
18
|
loadSystemPrompt
|
|
19
|
-
} from "./chunk-
|
|
19
|
+
} from "./chunk-XTU2RLZM.js";
|
|
20
20
|
import "./chunk-7D5WVZW5.js";
|
|
21
21
|
|
|
22
22
|
// src/cli.ts
|
|
@@ -1344,7 +1344,7 @@ process.on("uncaughtException", (err) => {
|
|
|
1344
1344
|
});
|
|
1345
1345
|
var program = new Command();
|
|
1346
1346
|
program.exitOverride();
|
|
1347
|
-
program.name("shield-llm").description("AI chatbot security scanner \u2014 automated red teaming for LLMs").version("0.1.
|
|
1347
|
+
program.name("shield-llm").description("AI chatbot security scanner \u2014 automated red teaming for LLMs").version("0.1.1");
|
|
1348
1348
|
program.command("scan").description("Run a security scan against a target chatbot").option("-c, --config <path>", "Path to shield.config.json").option("-p, --provider <name>", "Target provider (openai, mistral)").option("-m, --model <name>", "Target model name").option("-e, --endpoint <url>", "Target chatbot HTTP endpoint URL").option("--auth <type>", "Auth type: bearer, api-key, oauth2").option("--token <value>", "Bearer token or API key value").option("--auth-header <name>", "Custom auth header name (for api-key auth)").option(
|
|
1349
1349
|
"--response-field <path>",
|
|
1350
1350
|
"Dot-notation path to response text in JSON (default: response)"
|