hackagent 0.4.3__tar.gz → 0.4.4__tar.gz

{hackagent-0.4.3 → hackagent-0.4.4}/.gitignore

@@ -3,6 +3,7 @@ logs/
 *.sbatch
 .ruff_cache/
 reports/
+.adk/
 
 # Editors
 .vscode/

{hackagent-0.4.3 → hackagent-0.4.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: hackagent
-Version: 0.4.3
+Version: 0.4.4
 Summary: HackAgent is an open-source security toolkit to detect vulnerabilities of your AI Agents.
 Author-email: AI Security Lab <ais@ai4i.it>
 License: Apache-2.0

{hackagent-0.4.3 → hackagent-0.4.4}/hackagent/attacks/techniques/advprefix/evaluation.py

@@ -320,7 +320,13 @@ class EvaluationPipeline:
                 if "explanation_nj" in row:
                     eval_notes_parts.append(f"NJ explanation: {row['explanation_nj']}")
 
-            evaluation_notes = " | ".join(eval_notes_parts) if eval_notes_parts else ""
+            # Provide a default evaluation_notes value if none found
+            # The backend API requires this field to be non-null
+            evaluation_notes = (
+                " | ".join(eval_notes_parts)
+                if eval_notes_parts
+                else "No evaluation scores available"
+            )
 
             # Update the result status on the server
             try:
@@ -562,21 +568,32 @@ class EvaluationPipeline:
         self, original_data: List[Dict], judge_results: Dict[str, List[Dict]]
     ) -> List[Dict]:
         """Merge evaluation results from multiple judges."""
+
+        def _normalize_key_value(key_name: str, value: Any) -> Any:
+            """Normalize key values for consistent matching.
+
+            The evaluator's prepare_responses() converts None to "" for string fields,
+            so we need to apply the same normalization when building lookup keys.
+            """
+            if key_name in ("goal", "prefix", "completion"):
+                return str(value) if value is not None else ""
+            return value
+
         # Build lookup dictionaries keyed by merge keys
         for judge_type, judge_data in judge_results.items():
             eval_cols = JUDGE_COLUMN_MAP.get(judge_type, [])
             if not judge_data:
                 continue
 
-            # Build lookup by merge keys
+            # Build lookup by merge keys (normalized)
             lookup = {}
             for row in judge_data:
-                key = tuple(row.get(k) for k in MERGE_KEYS)
+                key = tuple(_normalize_key_value(k, row.get(k)) for k in MERGE_KEYS)
                 lookup[key] = {col: row.get(col) for col in eval_cols if col in row}
 
-            # Merge into original data
+            # Merge into original data (using same normalization)
             for row in original_data:
-                key = tuple(row.get(k) for k in MERGE_KEYS)
+                key = tuple(_normalize_key_value(k, row.get(k)) for k in MERGE_KEYS)
                 if key in lookup:
                     row.update(lookup[key])
 

{hackagent-0.4.3 → hackagent-0.4.4}/hackagent/attacks/techniques/advprefix/evaluators.py

@@ -638,9 +638,16 @@ Answer with only "yes" or "no"."""
         config: EvaluatorConfig,
         run_id: Optional[str] = None,
         tracking_client: Optional[AuthenticatedClient] = None,
+        tracker: Optional["Tracker"] = None,
     ):
         """Initialize the HarmBench evaluator."""
-        super().__init__(client, config, run_id=run_id, tracking_client=tracking_client)
+        super().__init__(
+            client,
+            config,
+            run_id=run_id,
+            tracking_client=tracking_client,
+            tracker=tracker,
+        )
         if not self.config.model_id:
             self.logger.warning("HarmBenchEvaluator model_id not specified")
         if not self.agent_router or not self.agent_registration_key:

{hackagent-0.4.3 → hackagent-0.4.4}/hackagent/attacks/techniques/base.py

@@ -403,7 +403,7 @@ class BaseAttack(abc.ABC):
 
         if is_success:
             eval_status = EvaluationStatusEnum.PASSED_CRITERIA
-            eval_notes = None
+            eval_notes = "Pipeline completed successfully."
             run_status = StatusEnum.COMPLETED
         else:
             eval_status = EvaluationStatusEnum.FAILED_CRITERIA

{hackagent-0.4.3 → hackagent-0.4.4}/hackagent/router/adapters/google_adk.py

@@ -99,13 +99,22 @@ class ADKAgent(Agent):
         self.endpoint: str = endpoint_raw.strip("/")
         self.request_timeout: int = self._get_config_key("request_timeout", 120)
 
+        # Option to use a fresh session for each request (useful for attack scenarios
+        # where session state pollution can cause issues)
+        self.fresh_session_per_request: bool = self._get_config_key(
+            "fresh_session_per_request", True
+        )
+
         # Generate a unique session ID for this adapter instance
         # This keeps session state persistent across multiple requests to the same agent
         import uuid
 
         self.session_id: str = self._get_config_key("session_id", str(uuid.uuid4()))
 
-        self.logger.info(f"ADKAgent initialized with session_id: {self.session_id}")
+        self.logger.info(
+            f"ADKAgent initialized with session_id: {self.session_id}, "
+            f"fresh_session_per_request: {self.fresh_session_per_request}"
+        )
 
     def _initialize_session(
         self, session_id_to_init: str, initial_state: Optional[dict] = None
@@ -330,7 +339,8 @@ class ADKAgent(Agent):
         try:
             response.raise_for_status()
         except requests.exceptions.HTTPError as http_err:
-            status = http_err.response.status_code if http_err.response else "Unknown"
+            # Use response.status_code directly since we have the response object
+            status = response.status_code
             self.logger.error(
                 f"HTTP error {status} from {response.url}: {response_body_str}"
             )
@@ -584,9 +594,18 @@ class ADKAgent(Agent):
         )
 
         # Use adapter's instance session_id if not provided in request
-        session_id_to_use = (
-            session_id_from_request if session_id_from_request else self.session_id
-        )
+        # If fresh_session_per_request is enabled, generate a new UUID for each request
+        import uuid
+
+        if session_id_from_request:
+            session_id_to_use = session_id_from_request
+        elif self.fresh_session_per_request:
+            session_id_to_use = str(uuid.uuid4())
+            self.logger.debug(
+                f"Using fresh session ID for request: {session_id_to_use}"
+            )
+        else:
+            session_id_to_use = self.session_id
 
         initial_session_state = request_data.get("initial_session_state")  # Optional
 

{hackagent-0.4.3 → hackagent-0.4.4}/hackagent/router/router.py

@@ -865,6 +865,15 @@ class AgentRouter:
                 patch_kwargs["agent_type"] = agent_type.value
                 needs_update = True
 
+            # Check endpoint
+            current_endpoint = existing_agent.endpoint
+            if current_endpoint != endpoint_for_backend:
+                logger.info(
+                    f"Backend agent '{name}' exists but endpoint differs. Current: '{current_endpoint}', Requested: '{endpoint_for_backend}'. Will update."
+                )
+                patch_kwargs["endpoint"] = endpoint_for_backend
+                needs_update = True
+
             if needs_update and update_metadata_if_exists:
                 logger.info(
                     f"Backend agent '{name}' exists and needs update. Proceeding with update."

{hackagent-0.4.3 → hackagent-0.4.4}/hackagent/router/tracking/step.py

@@ -495,9 +495,11 @@ class StepTracker:
                 self.logger.warning("Cannot update result status: invalid result UUID")
                 return False
 
+            # Backend requires non-null evaluation_notes
+            notes = evaluation_notes if evaluation_notes else "Status updated"
             result_request = PatchedResultRequest(
                 evaluation_status=evaluation_status,
-                evaluation_notes=evaluation_notes,
+                evaluation_notes=notes,
                 agent_specific_data=agent_specific_data,
             )
 

{hackagent-0.4.3 → hackagent-0.4.4}/hackagent/router/tracking/tracker.py

@@ -52,6 +52,30 @@ from hackagent.models import (
     TraceRequest,
 )
 
+import math
+
+
+def _sanitize_for_json(obj: Any) -> Any:
+    """
+    Recursively sanitize an object for JSON serialization.
+
+    Converts inf/-inf to "Infinity"/"-Infinity" strings and NaN to "NaN".
+    This prevents JSON serialization errors for non-compliant float values.
+    """
+    if isinstance(obj, float):
+        if math.isinf(obj):
+            return "Infinity" if obj > 0 else "-Infinity"
+        if math.isnan(obj):
+            return "NaN"
+        return obj
+    elif isinstance(obj, dict):
+        return {k: _sanitize_for_json(v) for k, v in obj.items()}
+    elif isinstance(obj, list):
+        return [_sanitize_for_json(item) for item in obj]
+    elif isinstance(obj, tuple):
+        return tuple(_sanitize_for_json(item) for item in obj)
+    return obj
+
 
 @dataclass
 class Context:
@@ -276,6 +300,7 @@ class Tracker:
         score: Optional[float] = None,
         explanation: Optional[str] = None,
         evaluator_name: Optional[str] = None,
+        metadata: Optional[Dict[str, Any]] = None,
     ) -> None:
         """
         Add a trace for an evaluation step.
@@ -286,6 +311,7 @@ class Tracker:
             score: Optional numeric score
             explanation: Optional explanation text
             evaluator_name: Name of the evaluator used
+            metadata: Optional additional metadata
         """
         content = {
             "step_name": "Evaluation",
@@ -297,6 +323,8 @@ class Tracker:
             content["score"] = score
         if explanation:
             content["explanation"] = explanation
+        if metadata:
+            content["metadata"] = self._sanitize_for_json(metadata)
 
         self._add_trace(ctx, "Evaluation", StepTypeEnum.OTHER, content)
 
@@ -337,6 +365,9 @@ class Tracker:
         Returns:
             Trace ID if successful, None otherwise
         """
+        # Sanitize content to handle inf/nan values
+        sanitized_content = _sanitize_for_json(content)
+
         # Always track locally
         ctx.sequence_counter += 1
         trace_record = {
@@ -345,7 +376,7 @@ class Tracker:
             "step_type": (
                 step_type.value if hasattr(step_type, "value") else str(step_type)
             ),
-            "content": content,
+            "content": sanitized_content,
         }
         ctx.traces.append(trace_record)
 
@@ -359,7 +390,7 @@ class Tracker:
             trace_request = TraceRequest(
                 sequence=ctx.sequence_counter,
                 step_type=step_type,
-                content=content,
+                content=sanitized_content,
             )
 
             response = result_trace_create.sync_detailed(
@@ -431,9 +462,20 @@ class Tracker:
             else:
                 eval_status = EvaluationStatusEnum.FAILED_JAILBREAK
 
+            # Backend requires non-null evaluation_notes
+            notes = (
+                evaluation_notes
+                if evaluation_notes
+                else (
+                    "Goal completed successfully"
+                    if success
+                    else "Goal evaluation failed"
+                )
+            )
+
             result_request = PatchedResultRequest(
                 evaluation_status=eval_status,
-                evaluation_notes=evaluation_notes,
+                evaluation_notes=notes,
                 agent_specific_data={
                     **ctx.metadata,
                     "goal": ctx.goal,

{hackagent-0.4.3 → hackagent-0.4.4}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "hackagent"
-version = "0.4.3"
+version = "0.4.4"
 description = "HackAgent is an open-source security toolkit to detect vulnerabilities of your AI Agents."
 authors = [
     {name = "AI Security Lab", email = "ais@ai4i.it"}