PyPI - humanbound-cli - Versions diffs - 0.1.0__tar.gz → 0.3.0__tar.gz - Mend

humanbound-cli 0.1.0tar.gz → 0.3.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (53) hide show

{humanbound_cli-0.1.0/humanbound_cli.egg-info → humanbound_cli-0.3.0}/PKG-INFO RENAMED Viewed

@@ -1,11 +1,11 @@
 Metadata-Version: 2.1
 Name: humanbound-cli
-Version: 0.1.0
+Version: 0.3.0
 Summary: Humanbound CLI - command line interface for AI agent security testing.
-Author-email: Kostas Siabanis <hello@humanbound.io>, Demetris Gerogiannis <hello@humanbound.io>
+Author-email: Kostas Siabanis <hello@humanbound.ai>, Demetris Gerogiannis <hello@humanbound.ai>
 License: Apache-2.0
 Project-URL: Homepage, https://github.com/Humanbound/humanbound-cli
-Project-URL: Documentation, https://docs.humanbound.io/cli
+Project-URL: Documentation, https://docs.humanbound.ai/cli
 Project-URL: Issues, https://github.com/Humanbound/humanbound-cli/issues
 Classifier: Programming Language :: Python :: 3
 Classifier: License :: OSI Approved :: Apache Software License
@@ -19,18 +19,21 @@ Requires-Dist: click>=8.1.0
 Requires-Dist: rich>=13.0.0
 Requires-Dist: requests>=2.32.0
 Requires-Dist: pyyaml>=6.0.0
+Provides-Extra: serve
+Requires-Dist: websockets>=12.0; extra == "serve"
 Provides-Extra: pytest
 Requires-Dist: pytest>=7.0.0; extra == "pytest"
 Provides-Extra: dev
 Requires-Dist: pytest>=7.0.0; extra == "dev"
 Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
-# Humanbound CLI (Beta)
+# Humanbound CLI
 > CLI-first security testing for AI agents and chatbots. Adversarial attacks, behavioral QA, posture scoring, and guardrails export — from your terminal to your CI/CD pipeline.
 [![PyPI](https://img.shields.io/pypi/v/humanbound-cli)](https://pypi.org/project/humanbound-cli/)
 [![License](https://img.shields.io/badge/license-proprietary-blue)]()
+[![Version](https://img.shields.io/badge/version-0.2.0-green)]()
 ```
 pip install humanbound-cli
@@ -113,7 +116,7 @@ hb test
 hb test -e ./bot-config.json
 # Choose test category and depth
-hb test -t owasp_multi_turn -l system
+hb test -t humanbound/adversarial/owasp_multi_turn -l system
 ```
 ### 4. Review results
@@ -285,6 +288,8 @@ Providers are LLM configurations used for running security tests.
 | `projects use <id>` | Select project |
 | `projects current` | Show current project |
 | `projects show [id]` | Show project details |
+| `projects update [id]` | Update project name/description |
+| `projects delete [id]` | Delete project (with confirmation) |
 <details>
 <summary><code>init</code> — scan bot & create project</summary>
@@ -324,27 +329,15 @@ Testing Level:
   --testing-level, -l   Depth of testing (default: unit)
                         unit | system | acceptance
-Chat Endpoint (required):
-  --chat-endpoint       Chat completion URL of the bot to test
-  --chat-header         Header for chat endpoint (repeatable)
-  --chat-payload        JSON payload template for chat
-Init Endpoint (optional):
-  --init-endpoint       Thread initialization URL
-  --init-header         Header for init endpoint (repeatable)
-  --init-payload        JSON payload for init
-Auth Endpoint (optional):
-  --auth-endpoint       Auth/token endpoint URL
-  --auth-header         Header for auth endpoint (repeatable)
-  --auth-payload        JSON payload for auth
+Endpoint Override (optional — only needed if no default integration):
+  -e, --endpoint        Bot integration config — JSON string or file path.
+                        Same shape as 'hb init --endpoint'. Overrides default.
 Other:
   --provider-id         Provider to use (default: first available)
   --name, -n            Experiment name (auto-generated if omitted)
   --lang                Language (default: english). Accepts codes: en, de, es...
   --adaptive            Enable adaptive mode (evolutionary attack strategy)
-  --streaming           Enable streaming mode (requires wss:// endpoint)
   --no-auto-start       Create without starting (manual mode)
   --wait, -w            Wait for completion
   --fail-on SEVERITY    Exit non-zero if findings >= severity
@@ -363,7 +356,8 @@ Other:
 | `experiments status <id> --watch` | Watch until completion |
 | `experiments wait <id>` | Wait with progressive backoff (30s -> 60s -> 120s -> 300s) |
 | `experiments logs <id>` | List experiment logs |
-| `experiments report <id>` | Download HTML report |
+| `experiments terminate <id>` | Stop a running experiment |
+| `experiments delete <id>` | Delete experiment (with confirmation) |
 `status` is also available as a top-level alias — without an ID it shows the most recent experiment:
@@ -371,14 +365,79 @@ Other:
 hb status [experiment_id] [--watch]
 ```
+### Findings
+Track long-term security vulnerabilities across experiments.
+| Command | Description |
+|---------|-------------|
+| `findings` | List findings (filterable by --status, --severity) |
+| `findings update <id>` | Update finding status or severity |
+Finding states: **open** → **stale** (30+ days unseen) → **fixed** (resolved). Findings can also **regress** (was fixed, reappeared).
+### Coverage
+| Command | Description |
+|---------|-------------|
+| `coverage` | Test coverage summary |
+| `coverage --gaps` | Include untested categories |
+### Campaigns
+Continuous security assurance with automated campaign management (ASCAM).
+| Command | Description |
+|---------|-------------|
+| `campaigns` | Show current campaign plan |
+| `campaigns break` | Stop a running campaign |
+ASCAM phases: Reconnaissance → Hardening → Red Teaming → Analysis → Monitoring
+### Upload Conversation Logs
+Evaluate real production conversations against security judges.
+| Command | Description |
+|---------|-------------|
+| `upload-logs <file>` | Upload JSON conversation logs |
+Options: `--tag`, `--lang`
+### API Keys
+| Command | Description |
+|---------|-------------|
+| `api-keys list` | List API keys |
+| `api-keys create` | Create new key (--name required, --scopes: admin/write/read) |
+| `api-keys update <id>` | Update key name, scopes, or active state |
+| `api-keys revoke <id>` | Revoke (delete) an API key |
+### Members
+| Command | Description |
+|---------|-------------|
+| `members list` | List organisation members |
+| `members invite <email>` | Invite member (--role: admin/developer) |
+| `members remove <id>` | Remove member |
 ### Results & Export
 ```bash
-# View experiment results (table, json, or csv)
-hb logs [experiment_id] [--format table] [--verdict pass|fail] [--page N] [--size N]
+# View experiment results
+hb logs [experiment_id] [--format table|json|html] [--verdict pass|fail] [--page N] [--size N]
+# Export branded HTML report
+hb logs <experiment_id> --format=html [-o report.html]
+# Security posture
+hb posture [--json] [--trends]
+# Test coverage
+hb coverage [--gaps] [--json]
-# Security posture score
-hb posture [--json]
+# Findings
+hb findings [--status open] [--severity high] [--json]
 # Export guardrails configuration
 hb guardrails [--vendor humanbound|openai] [--format json|yaml] [-o FILE]
@@ -406,7 +465,7 @@ hb switch abc123
 hb init -n "Support Bot" -e ./bot-config.json
 # Run adversarial test (uses project's default integration)
-hb test -t owasp_multi_turn -l unit
+hb test -t humanbound/adversarial/owasp_multi_turn -l unit
 # Watch and review
 hb status --watch
@@ -494,5 +553,5 @@ hb login
 ## Links
-- [Documentation](https://docs.humanbound.io)
+- [Documentation](https://docs.humanbound.ai)
 - [GitHub](https://github.com/Humanbound/humanbound-cli)

humanbound_cli-0.1.0/PKG-INFO → humanbound_cli-0.3.0/README.md RENAMED Viewed

@@ -1,36 +1,10 @@
-Metadata-Version: 2.1
-Name: humanbound-cli
-Version: 0.1.0
-Summary: Humanbound CLI - command line interface for AI agent security testing.
-Author-email: Kostas Siabanis <hello@humanbound.io>, Demetris Gerogiannis <hello@humanbound.io>
-License: Apache-2.0
-Project-URL: Homepage, https://github.com/Humanbound/humanbound-cli
-Project-URL: Documentation, https://docs.humanbound.io/cli
-Project-URL: Issues, https://github.com/Humanbound/humanbound-cli/issues
-Classifier: Programming Language :: Python :: 3
-Classifier: License :: OSI Approved :: Apache Software License
-Classifier: Operating System :: OS Independent
-Classifier: Environment :: Console
-Classifier: Framework :: Pytest
-Requires-Python: >=3.10
-Description-Content-Type: text/markdown
-License-File: LICENSE
-Requires-Dist: click>=8.1.0
-Requires-Dist: rich>=13.0.0
-Requires-Dist: requests>=2.32.0
-Requires-Dist: pyyaml>=6.0.0
-Provides-Extra: pytest
-Requires-Dist: pytest>=7.0.0; extra == "pytest"
-Provides-Extra: dev
-Requires-Dist: pytest>=7.0.0; extra == "dev"
-Requires-Dist: pytest-cov>=4.0.0; extra == "dev"
-# Humanbound CLI (Beta)
+# Humanbound CLI
 > CLI-first security testing for AI agents and chatbots. Adversarial attacks, behavioral QA, posture scoring, and guardrails export — from your terminal to your CI/CD pipeline.
 [![PyPI](https://img.shields.io/pypi/v/humanbound-cli)](https://pypi.org/project/humanbound-cli/)
 [![License](https://img.shields.io/badge/license-proprietary-blue)]()
+[![Version](https://img.shields.io/badge/version-0.2.0-green)]()
 ```
 pip install humanbound-cli
@@ -113,7 +87,7 @@ hb test
 hb test -e ./bot-config.json
 # Choose test category and depth
-hb test -t owasp_multi_turn -l system
+hb test -t humanbound/adversarial/owasp_multi_turn -l system
 ```
 ### 4. Review results
@@ -285,6 +259,8 @@ Providers are LLM configurations used for running security tests.
 | `projects use <id>` | Select project |
 | `projects current` | Show current project |
 | `projects show [id]` | Show project details |
+| `projects update [id]` | Update project name/description |
+| `projects delete [id]` | Delete project (with confirmation) |
 <details>
 <summary><code>init</code> — scan bot & create project</summary>
@@ -324,27 +300,15 @@ Testing Level:
   --testing-level, -l   Depth of testing (default: unit)
                         unit | system | acceptance
-Chat Endpoint (required):
-  --chat-endpoint       Chat completion URL of the bot to test
-  --chat-header         Header for chat endpoint (repeatable)
-  --chat-payload        JSON payload template for chat
-Init Endpoint (optional):
-  --init-endpoint       Thread initialization URL
-  --init-header         Header for init endpoint (repeatable)
-  --init-payload        JSON payload for init
-Auth Endpoint (optional):
-  --auth-endpoint       Auth/token endpoint URL
-  --auth-header         Header for auth endpoint (repeatable)
-  --auth-payload        JSON payload for auth
+Endpoint Override (optional — only needed if no default integration):
+  -e, --endpoint        Bot integration config — JSON string or file path.
+                        Same shape as 'hb init --endpoint'. Overrides default.
 Other:
   --provider-id         Provider to use (default: first available)
   --name, -n            Experiment name (auto-generated if omitted)
   --lang                Language (default: english). Accepts codes: en, de, es...
   --adaptive            Enable adaptive mode (evolutionary attack strategy)
-  --streaming           Enable streaming mode (requires wss:// endpoint)
   --no-auto-start       Create without starting (manual mode)
   --wait, -w            Wait for completion
   --fail-on SEVERITY    Exit non-zero if findings >= severity
@@ -363,7 +327,8 @@ Other:
 | `experiments status <id> --watch` | Watch until completion |
 | `experiments wait <id>` | Wait with progressive backoff (30s -> 60s -> 120s -> 300s) |
 | `experiments logs <id>` | List experiment logs |
-| `experiments report <id>` | Download HTML report |
+| `experiments terminate <id>` | Stop a running experiment |
+| `experiments delete <id>` | Delete experiment (with confirmation) |
 `status` is also available as a top-level alias — without an ID it shows the most recent experiment:
@@ -371,14 +336,79 @@ Other:
 hb status [experiment_id] [--watch]
 ```
+### Findings
+Track long-term security vulnerabilities across experiments.
+| Command | Description |
+|---------|-------------|
+| `findings` | List findings (filterable by --status, --severity) |
+| `findings update <id>` | Update finding status or severity |
+Finding states: **open** → **stale** (30+ days unseen) → **fixed** (resolved). Findings can also **regress** (was fixed, reappeared).
+### Coverage
+| Command | Description |
+|---------|-------------|
+| `coverage` | Test coverage summary |
+| `coverage --gaps` | Include untested categories |
+### Campaigns
+Continuous security assurance with automated campaign management (ASCAM).
+| Command | Description |
+|---------|-------------|
+| `campaigns` | Show current campaign plan |
+| `campaigns break` | Stop a running campaign |
+ASCAM phases: Reconnaissance → Hardening → Red Teaming → Analysis → Monitoring
+### Upload Conversation Logs
+Evaluate real production conversations against security judges.
+| Command | Description |
+|---------|-------------|
+| `upload-logs <file>` | Upload JSON conversation logs |
+Options: `--tag`, `--lang`
+### API Keys
+| Command | Description |
+|---------|-------------|
+| `api-keys list` | List API keys |
+| `api-keys create` | Create new key (--name required, --scopes: admin/write/read) |
+| `api-keys update <id>` | Update key name, scopes, or active state |
+| `api-keys revoke <id>` | Revoke (delete) an API key |
+### Members
+| Command | Description |
+|---------|-------------|
+| `members list` | List organisation members |
+| `members invite <email>` | Invite member (--role: admin/developer) |
+| `members remove <id>` | Remove member |
 ### Results & Export
 ```bash
-# View experiment results (table, json, or csv)
-hb logs [experiment_id] [--format table] [--verdict pass|fail] [--page N] [--size N]
+# View experiment results
+hb logs [experiment_id] [--format table|json|html] [--verdict pass|fail] [--page N] [--size N]
+# Export branded HTML report
+hb logs <experiment_id> --format=html [-o report.html]
+# Security posture
+hb posture [--json] [--trends]
+# Test coverage
+hb coverage [--gaps] [--json]
-# Security posture score
-hb posture [--json]
+# Findings
+hb findings [--status open] [--severity high] [--json]
 # Export guardrails configuration
 hb guardrails [--vendor humanbound|openai] [--format json|yaml] [-o FILE]
@@ -406,7 +436,7 @@ hb switch abc123
 hb init -n "Support Bot" -e ./bot-config.json
 # Run adversarial test (uses project's default integration)
-hb test -t owasp_multi_turn -l unit
+hb test -t humanbound/adversarial/owasp_multi_turn -l unit
 # Watch and review
 hb status --watch
@@ -494,5 +524,5 @@ hb login
 ## Links
-- [Documentation](https://docs.humanbound.io)
+- [Documentation](https://docs.humanbound.ai)
 - [GitHub](https://github.com/Humanbound/humanbound-cli)

{humanbound_cli-0.1.0 → humanbound_cli-0.3.0}/humanbound_cli/__init__.py RENAMED Viewed

@@ -1,3 +1,3 @@
 """Humanbound CLI - command line interface for AI agent security testing."""
-__version__ = "0.1.0"
+__version__ = "0.2.0"

{humanbound_cli-0.1.0 → humanbound_cli-0.3.0}/humanbound_cli/client.py RENAMED Viewed

@@ -387,12 +387,9 @@ class HumanboundClient:
         return True
     def _exchange_for_api_token(self) -> None:
-        """Exchange Auth0 token for AIandMe API session token."""
-        # Always use production API for auth (token audience must match)
-        auth_base_url = get_auth0_audience()
+        """Exchange Auth0 token for API session token."""
         response = requests.get(
-            f"{auth_base_url}/auth",
+            f"{self.base_url}/auth",
             headers={"Authorization": f"Bearer {self._auth0_token}"},
             timeout=DEFAULT_TIMEOUT,
         )
@@ -870,6 +867,125 @@ class HumanboundClient:
         """
         self.delete(f"providers/{provider_id}")
+    # -------------------------------------------------------------------------
+    # Findings Methods
+    # -------------------------------------------------------------------------
+    def list_findings(self, project_id: str, status: Optional[str] = None, severity: Optional[str] = None, page: int = 1, size: int = 50) -> dict:
+        """List findings for a project."""
+        params = {"page": page, "size": size}
+        if status:
+            params["status"] = status
+        if severity:
+            params["severity"] = severity
+        return self.get(f"projects/{project_id}/findings", include_project=True, params=params)
+    def update_finding(self, project_id: str, finding_id: str, data: dict) -> dict:
+        """Update a finding."""
+        return self.put(f"projects/{project_id}/findings/{finding_id}", data=data)
+    # -------------------------------------------------------------------------
+    # Experiment Extensions
+    # -------------------------------------------------------------------------
+    def terminate_experiment(self, experiment_id: str) -> dict:
+        """Terminate a running experiment."""
+        return self.post(f"experiments/{experiment_id}/terminate", include_project=True)
+    def delete_experiment(self, experiment_id: str) -> Any:
+        """Delete an experiment."""
+        return self.delete(f"experiments/{experiment_id}", include_project=True)
+    # -------------------------------------------------------------------------
+    # Project Extensions
+    # -------------------------------------------------------------------------
+    def update_project(self, project_id: str, data: dict) -> dict:
+        """Update a project."""
+        return self.put(f"projects/{project_id}", data=data)
+    def delete_project(self, project_id: str) -> Any:
+        """Delete a project."""
+        return self.delete(f"projects/{project_id}")
+    # -------------------------------------------------------------------------
+    # API Key Methods
+    # -------------------------------------------------------------------------
+    def list_api_keys(self, page: int = 1, limit: int = 50) -> Any:
+        """List API keys."""
+        return self.get("api-keys", params={"page": page, "limit": limit}, include_org=False)
+    def create_api_key(self, name: str, scopes: str = "admin") -> dict:
+        """Create a new API key."""
+        return self.post("api-keys", data={"name": name, "scopes": scopes}, include_org=False)
+    def delete_api_key(self, key_id: str) -> Any:
+        """Delete an API key."""
+        return self.delete(f"api-keys/{key_id}", include_org=False)
+    def update_api_key(self, key_id: str, data: dict) -> dict:
+        """Update an API key."""
+        return self.put(f"api-keys/{key_id}", data=data, include_org=False)
+    # -------------------------------------------------------------------------
+    # Member Methods
+    # -------------------------------------------------------------------------
+    def list_members(self) -> Any:
+        """List organisation members."""
+        return self.get("members")
+    def invite_member(self, email: str, access_level: str) -> dict:
+        """Invite a member to the organisation."""
+        return self.post("members", data={"email": email, "access_level": access_level})
+    def remove_member(self, member_id: str) -> Any:
+        """Remove a member from the organisation."""
+        return self.delete(f"members/{member_id}")
+    # -------------------------------------------------------------------------
+    # Coverage Methods
+    # -------------------------------------------------------------------------
+    def get_coverage(self, project_id: str, include_gaps: bool = False) -> dict:
+        """Get test coverage for a project."""
+        params = {"include_gaps": "true"} if include_gaps else {}
+        return self.get(f"projects/{project_id}/coverage", params=params)
+    # -------------------------------------------------------------------------
+    # Posture Trends Methods
+    # -------------------------------------------------------------------------
+    def get_posture_trends(self, project_id: str) -> Any:
+        """Get posture trend history for a project."""
+        return self.get(f"projects/{project_id}/posture/trends")
+    # -------------------------------------------------------------------------
+    # Campaign Methods
+    # -------------------------------------------------------------------------
+    def get_campaign_plan(self, project_id: str) -> dict:
+        """Get the current campaign plan for a project."""
+        return self.get(f"projects/{project_id}/plan")
+    def break_campaign(self, project_id: str, campaign_id: str) -> dict:
+        """Break/stop a running campaign."""
+        return self.post(f"projects/{project_id}/plan/break", data={"campaign_id": campaign_id})
+    # -------------------------------------------------------------------------
+    # Upload Conversations Methods
+    # -------------------------------------------------------------------------
+    def upload_conversations(self, project_id: str, conversations: list, tag: Optional[str] = None, lang: Optional[str] = None) -> dict:
+        """Upload conversation logs for evaluation."""
+        data = {"conversations": conversations}
+        if tag:
+            data["tag"] = tag
+        if lang:
+            data["lang"] = lang
+        return self.post(f"projects/{project_id}/datasets/conversations", data=data, include_project=True)
 # Import ValidationError to this module
 from .exceptions import ValidationError

humanbound_cli-0.3.0/humanbound_cli/commands/__init__.py ADDED Viewed

@@ -0,0 +1,27 @@
+"""CLI command modules."""
+from . import (
+    auth, orgs, projects, experiments, init, test, logs, posture,
+    guardrails, docs, providers, findings, api_keys, members,
+    coverage, campaigns, upload_logs,
+)
+__all__ = [
+    "auth",
+    "orgs",
+    "projects",
+    "experiments",
+    "init",
+    "test",
+    "logs",
+    "posture",
+    "guardrails",
+    "docs",
+    "providers",
+    "findings",
+    "api_keys",
+    "members",
+    "coverage",
+    "campaigns",
+    "upload_logs",
+]

humanbound-cli 0.1.0__tar.gz → 0.3.0__tar.gz

humanbound-cli 0.1.0tar.gz → 0.3.0tar.gz