penbot 2.2.0__tar.gz → 2.4.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- penbot-2.4.0/PKG-INFO +262 -0
- penbot-2.4.0/README.md +195 -0
- penbot-2.4.0/penbot.egg-info/PKG-INFO +262 -0
- {penbot-2.2.0 → penbot-2.4.0}/penbot.egg-info/SOURCES.txt +1 -0
- {penbot-2.2.0 → penbot-2.4.0}/penbot.egg-info/requires.txt +1 -0
- {penbot-2.2.0 → penbot-2.4.0}/pyproject.toml +3 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/__init__.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/base.py +4 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/coordinator.py +28 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/jailbreak.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/mcp_exploit.py +7 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/base.py +11 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/data_leakage.py +21 -2
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/orchestrator.py +10 -2
- penbot-2.4.0/src/analysis/outcome_classifier.py +294 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/api/auth.py +10 -2
- {penbot-2.2.0 → penbot-2.4.0}/src/api/routes/reports.py +2 -2
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/mcp_exploit_patterns.json +13 -3
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/agents_cmd.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/benchmark_cmd.py +7 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/main.py +23 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/purple_cmd.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/regression_cmd.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/test_runner.py +31 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/connectors/base.py +10 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/ml/evaluation.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/ml/vector_memory.py +2 -2
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/attack_lineage.py +4 -4
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/config.py +13 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/endpoint_mapper.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/intelligence/intelligence_store.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/llm_client.py +460 -2
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/memory/attack_memory.py +4 -4
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/pattern_schema.py +2 -2
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/sandbox.py +94 -40
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/shell_validator.py +16 -13
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/tool_discoverer.py +1 -1
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/nodes.py +68 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/state.py +29 -5
- penbot-2.2.0/PKG-INFO +0 -433
- penbot-2.2.0/README.md +0 -367
- penbot-2.2.0/penbot.egg-info/PKG-INFO +0 -433
- {penbot-2.2.0 → penbot-2.4.0}/LICENSE +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/penbot.egg-info/dependency_links.txt +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/penbot.egg-info/entry_points.txt +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/penbot.egg-info/top_level.txt +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/setup.cfg +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/action_safety.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/compliance.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/encoding.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/enhanced_generation.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/evolutionary/agent.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/evolutionary/mutator.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/evolutionary/token_soup_mutator.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/exfiltration.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/impersonation.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/indirect_injection.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/info_disclosure.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/multi_turn.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/output_security.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/rag_poisoning.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/subagents/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/subagents/base.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/subagents/domain_adaptation.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/subagents/encoding.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/subagents/factory.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/subagents/psychological.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/subagents/stealth.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/subagents/visual.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/token_soup.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/agents/tool_exploit.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/canned_response_detector.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/data_poisoning.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/excessive_agency.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/exfiltration_detection.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/fitness.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/guardrail_fingerprinting.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/image_attack_detection.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/indirect_injection_detection.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/jailbreak_detection.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/llm_finding_assessor.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/policy_violation.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/rag_detection.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/refusal_classifier.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/ssrf_detection.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/structure_parser.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/structured_disclosure_detector.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/system_prompt_disclosure.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/target_fingerprinting.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/tool_detection.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/unbounded_consumption.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/analysis/vector_weaknesses.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/api/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/api/main.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/api/routes/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/api/routes/auth.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/api/routes/websocket.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/action_safety_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/encoding_methods.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/endpoint_enumeration_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/excessive_agency_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/exfiltration_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/guardrail_evasion_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/indirect_injection_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/industry_specific_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/insecure_output_handling_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/jailbreak_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/jailbreak_patterns_2025_latest.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/jailbreak_patterns_advanced.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/jailbreak_patterns_libertas.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/jailbreak_patterns_research.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/jailbreak_patterns_specialized.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/jailbreak_patterns_ultra_advanced.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/musical_encoding_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/rag_attack_patterns.backup_20260114_164612.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/rag_attack_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/sensitive_info_disclosure_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/social_engineering.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/tool_attack_patterns.backup_20260114_164613.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/tool_attack_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/tool_discovery_probes.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/unbounded_consumption_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/attack_library/vector_weaknesses_patterns.json +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/campaign/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/campaign/planner.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/config_loader.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/dashboard_cmd.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/doctor.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/init_cmd.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/machine_output.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/onboard.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/patterns.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/reporter.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/sessions.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/validator.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/watch_cmd.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/cli/wizard.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/connectors/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/connectors/api_connector.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/connectors/azure_directline_connector.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/connectors/factory.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/connectors/lex_connector.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/connectors/playwright_connector.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/connectors/rest_connector.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/database/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/database/engine.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/database/models.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/database/repository.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/defense/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/defense/simulator.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/defense/strategies.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/mcp_server.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/ml/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/ml/config.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/ml/embeddings.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/ml/vector_index.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/regression/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/regression/baseline.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/reporting/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/reporting/detailed_report_generator.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/reporting/owasp_compliance.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/reporting/scoring.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/synthesis/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/synthesis/attack_synthesizer.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/synthesis/finding_chainer.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/attack_surface_intel.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/document_generator.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/encoding_helpers.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/helpers.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/image_generator.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/intelligence/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/llm_cache.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/logging.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/memory/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/memory/target_model.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/metrics.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/operational_metrics.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/pattern_success_tracker.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/psychological_attacks.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/session_summarizer.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/summarization/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/summarization/summarizer.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/tavily_client.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/text_normalization.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/think_mcp_client.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/vision_detector.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/utils/voting_visualizer.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/verification/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/verification/persistence_verifier.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/__init__.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/attack_graph.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/campaign_coordinator.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/context_views.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/graph.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/kv_cache_optimization.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/phase_intelligence.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/simple_attack_graph.py +0 -0
- {penbot-2.2.0 → penbot-2.4.0}/src/workflow/streaming.py +0 -0
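--- /dev/null
+++ b/penbot-2.4.0/PKG-INFO
@@ -0,0 +1,262 @@
+Metadata-Version: 2.4
+Name: penbot
+Version: 2.4.0
+Summary: AI Chatbot Penetration Testing Framework
+Author: terminal48
+License: MIT
+Project-URL: Homepage, https://gitlab.com/yan-ban/penbot
+Project-URL: Documentation, https://gitlab.com/yan-ban/penbot/-/tree/main/docs
+Project-URL: Repository, https://gitlab.com/yan-ban/penbot
+Project-URL: Issues, https://gitlab.com/yan-ban/penbot/-/issues
+Requires-Python: >=3.11
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: langgraph>=0.2.0
+Requires-Dist: langgraph-checkpoint-sqlite>=2.0.0
+Requires-Dist: langchain>=0.2.0
+Requires-Dist: langchain-anthropic>=0.1.0
+Requires-Dist: pydantic>=2.7.0
+Requires-Dist: pydantic-settings>=2.2.0
+Requires-Dist: click>=8.1.7
+Requires-Dist: rich>=13.7.1
+Requires-Dist: aiohttp>=3.9.4
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: pyyaml>=6.0
+Requires-Dist: python-dateutil>=2.9.0
+Requires-Dist: jsonpath-ng>=1.6.0
+Requires-Dist: sqlalchemy>=2.0.0
+Requires-Dist: jinja2>=3.1.3
+Requires-Dist: prometheus-client>=0.20.0
+Requires-Dist: python-dotenv>=1.0.1
+Requires-Dist: structlog>=24.1.0
+Requires-Dist: mcp>=1.0.0
+Requires-Dist: langchain-openai>=0.1.0
+Provides-Extra: full
+Requires-Dist: fastapi>=0.110.0; extra == "full"
+Requires-Dist: uvicorn[standard]>=0.29.0; extra == "full"
+Requires-Dist: slowapi>=0.1.9; extra == "full"
+Requires-Dist: PyJWT>=2.8.0; extra == "full"
+Requires-Dist: playwright>=1.43.0; extra == "full"
+Requires-Dist: weasyprint>=62.0; extra == "full"
+Requires-Dist: reportlab>=4.1.0; extra == "full"
+Requires-Dist: python-docx>=1.1.0; extra == "full"
+Requires-Dist: pypdf>=4.0.0; extra == "full"
+Requires-Dist: Pillow>=10.0.0; extra == "full"
+Requires-Dist: prometheus-fastapi-instrumentator>=7.0.0; extra == "full"
+Requires-Dist: tavily-python>=0.5.0; extra == "full"
+Provides-Extra: recon
+Requires-Dist: tavily-python>=0.5.0; extra == "recon"
+Provides-Extra: think
+Provides-Extra: ml
+Requires-Dist: sentence-transformers>=2.2.0; extra == "ml"
+Requires-Dist: faiss-cpu>=1.7.0; extra == "ml"
+Requires-Dist: numpy>=1.24.0; extra == "ml"
+Provides-Extra: ml-viz
+Requires-Dist: sentence-transformers>=2.2.0; extra == "ml-viz"
+Requires-Dist: faiss-cpu>=1.7.0; extra == "ml-viz"
+Requires-Dist: numpy>=1.24.0; extra == "ml-viz"
+Requires-Dist: scikit-learn>=1.3.0; extra == "ml-viz"
+Requires-Dist: matplotlib>=3.8.0; extra == "ml-viz"
+Provides-Extra: dev
+Requires-Dist: pytest>=8.1.1; extra == "dev"
+Requires-Dist: pytest-asyncio>=0.23.6; extra == "dev"
+Requires-Dist: pytest-cov>=5.0.0; extra == "dev"
+Requires-Dist: black>=24.3.0; extra == "dev"
+Requires-Dist: ruff>=0.3.5; extra == "dev"
+Dynamic: license-file
+
+<div align="center">
+
+```
+██████╗ ███████╗███╗ ██╗██████╗ ██████╗ ████████╗
+██╔══██╗██╔════╝████╗ ██║██╔══██╗██╔═══██╗╚══██╔══╝
+██████╔╝█████╗ ██╔██╗ ██║██████╔╝██║ ██║ ██║
+██╔═══╝ ██╔══╝ ██║╚██╗██║██╔══██╗██║ ██║ ██║
+██║ ███████╗██║ ╚████║██████╔╝╚██████╔╝ ██║
+╚═╝ ╚══════╝╚═╝ ╚═══╝╚═════╝ ╚═════╝ ╚═╝
+```
+
+<img src="docs/evidence/penbot_logo.png" alt="PenBot Logo" width="180"/>
+
+</div>
+
+[](https://pypi.org/project/penbot/)
+[](https://gitlab.com/yan-ban/penbot/-/pipelines)
+[](https://www.python.org/downloads/)
+[](https://opensource.org/licenses/MIT)
+[](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
+[](https://genai.owasp.org/initiatives/agentic-security/)
+[](CONTRIBUTING.md)
+
+Multi-agent adversarial testing framework for AI chatbots and agentic
+systems. Orchestrates specialized security agents to find vulnerabilities
+in conversational AI through prompt injection, social engineering,
+encoding attacks, RAG poisoning, tool exploitation, and MCP protocol abuse.
+
+---
+
+## Install
+
+```bash
+pip install penbot # Core: CLI + REST API testing
+pip install penbot[full] # Adds dashboard, Playwright, PDF/DOCX reports
+pip install penbot[ml] # Adds embedding-based attack memory
+```
+
+From source:
+
+```bash
+git clone https://gitlab.com/yan-ban/penbot.git
+cd penbot
+pip install -e .
+```
+
+Docker:
+
+```bash
+docker pull registry.gitlab.com/yan-ban/penbot:latest
+```
+
+---
+
+## Run
+
+```bash
+penbot onboard # First-run setup
+penbot wizard # Configure a target
+penbot test --config configs/clients/target.yaml
+penbot doctor # Verify environment
+```
+
+Dashboard:
+
+```bash
+penbot dashboard # http://localhost:8000/dashboard
+```
+
+---
+
+## CLI
+
+```
+penbot onboard First-run setup
+penbot doctor Environment health check
+penbot wizard Configure new target
+penbot test Run security test
+penbot dashboard Start Mission Control
+penbot sessions Manage past sessions
+penbot agents Browse agents
+penbot patterns Search attack library
+penbot report Generate report
+penbot benchmark Score detection against mock chatbots
+penbot watch Continuous testing
+```
+
+See [CLI Reference](docs/CLI_REFERENCE.md).
+
+---
+
+## Features
+
+- **14 specialized agents** — jailbreak, encoding, social engineering, RAG, tool exploitation, MCP exploit, exfiltration, indirect injection, action safety, compliance, and more
+- **1,398+ attack patterns** across 27 curated libraries (including 20 MCP protocol-attack patterns)
+- **22 vulnerability detectors** — two-layer detection (pattern + LLM) with finding chaining and guardrail fingerprinting
+- **OWASP LLM Top 10 (2025) + Agentic Top 10 (2026)** coverage, including ASI02 and ASI04
+- **Model Context Protocol (MCP) testing** — tool-description poisoning, resource URI traversal, list_changed bait-and-switch, cross-server pivots, sampling API abuse
+- **Multi-agent coordination** — voting, hybrid attack composition, domain-aware campaign planning
+- **Persistence verification** — post-test replay confirms findings are reproducible
+- **Endpoint reconnaissance** — two-phase API surface mapping with framework detection
+- **Evolutionary generation** — novel attacks via genetic algorithms with semantic retrieval (sentence-transformers + FAISS)
+- **Web dashboard** — live Mission Control, session replay, OWASP report, real-time WebSocket streaming
+- **Regression testing and purple-team mode** for CI-friendly defense validation
+
+---
+
+## Technology
+
+- **LangGraph** — multi-agent workflow orchestration
+- **Claude Sonnet 4.5** — attack generation
+- **FastAPI** — API + WebSocket server (requires `penbot[full]`)
+- **Playwright** — browser automation (requires `penbot[full]`)
+- **SQLite** — session persistence
+
+### Install Extras
+
+| Extra | Command | What it adds |
+|-------|---------|-------------|
+| Core | `pip install penbot` | CLI, REST API testing, security agents, attack pattern libraries |
+| Full | `pip install penbot[full]` | Dashboard, Playwright, PDF/DOCX reports, OpenAI provider, Tavily recon |
+| Recon | `pip install penbot[recon]` | Tavily web search for target reconnaissance |
+| Think | `pip install penbot[think]` | MCP-based enhanced reasoning |
+| ML | `pip install penbot[ml]` | Embedding-based attack memory (sentence-transformers, FAISS) |
+| ML-Viz | `pip install penbot[ml-viz]` | ML + scikit-learn & matplotlib for notebooks |
+
+---
+
+## Documentation
+
+| Document | Description |
+|----------|-------------|
+| [Developer Guide](docs/DEVELOPER_GUIDE.md) | How PenBot works under the hood |
+| [Architecture](docs/ARCHITECTURE.md) | System design and diagrams |
+| [Methodology](docs/METHODOLOGY.md) | Attack strategies |
+| [Configuration](docs/CONFIGURATION.md) | YAML and environment setup |
+| [CLI Reference](docs/CLI_REFERENCE.md) | Command-line usage |
+| [API Reference](docs/API_REFERENCE.md) | REST and WebSocket |
+| [Agents](docs/AGENTS.md) | Agent system details |
+| [Detection](docs/DETECTION.md) | Vulnerability detectors |
+| [Advanced](docs/ADVANCED.md) | RAG, tools, evolutionary |
+| [OWASP Coverage](docs/OWASP_COVERAGE.md) | Compliance mapping |
+| [Test Example](docs/TEST_EXAMPLE.md) | Test walkthrough |
+
+---
+
+## Responsible Use
+
+This tool is for authorized security testing only.
+
+Permitted: testing your own systems, security research with written
+permission, contracted red team engagements, pre-deployment validation.
+
+Prohibited: testing without authorization, attacking production systems
+maliciously, extracting proprietary data.
+
+Built-in safeguards include authorization verification, a blocklist for
+public AI services, rate limiting, and audit logging.
+
+---
+
+## Project Status
+
+| Aspect | Status |
+|--------|--------|
+| Development | Under active development |
+| Tests | 1,542 passing |
+| Skipped | 11 (optional deps) |
+| Docker | Multi-stage build |
+
+---
+
+## References
+
+- [OWASP Top 10 for LLM Applications (2025)](https://genai.owasp.org/llm-top-10/)
+- [OWASP Top 10 for Agentic Applications (2026)](https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/)
+- Kumar et al. (2024). *AmpleGCG-Plus.* [arXiv:2410.22143](https://arxiv.org/abs/2410.22143)
+- Zhang et al. (2025). *Verbalized Sampling.* [arXiv:2510.01171](https://arxiv.org/abs/2510.01171)
+- *Hiding in the AI Traffic: Abusing MCP for LLM-Powered Agentic Red Teaming.* [arXiv:2511.15998](https://arxiv.org/abs/2511.15998)
+
+---
+
+## Acknowledgments
+
+- [Elder Plinius / L1B3RT4S](https://github.com/elder-plinius) — jailbreak pattern research
+- [Manus AI](https://manus.im) — context engineering principles
+- [LangChain](https://github.com/langchain-ai/langgraph) — LangGraph framework
+- [Anthropic](https://anthropic.com)
+- [OWASP](https://owasp.org) — LLM Top 10 framework
+
+---
+
+## License
+
+MIT — see [LICENSE](LICENSE).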
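--- /dev/null
+++ b/penbot-2.4.0/README.md
@@ -0,0 +1,195 @@
+<div align="center">
+
+```
+██████╗ ███████╗███╗ ██╗██████╗ ██████╗ ████████╗
+██╔══██╗██╔════╝████╗ ██║██╔══██╗██╔═══██╗╚══██╔══╝
+██████╔╝█████╗ ██╔██╗ ██║██████╔╝██║ ██║ ██║
+██╔═══╝ ██╔══╝ ██║╚██╗██║██╔══██╗██║ ██║ ██║
+██║ ███████╗██║ ╚████║██████╔╝╚██████╔╝ ██║
+╚═╝ ╚══════╝╚═╝ ╚═══╝╚═════╝ ╚═════╝ ╚═╝
+```
+
+<img src="docs/evidence/penbot_logo.png" alt="PenBot Logo" width="180"/>
+
+</div>
+
+[](https://pypi.org/project/penbot/)
+[](https://gitlab.com/yan-ban/penbot/-/pipelines)
+[](https://www.python.org/downloads/)
+[](https://opensource.org/licenses/MIT)
+[](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
+[](https://genai.owasp.org/initiatives/agentic-security/)
+[](CONTRIBUTING.md)
+
+Multi-agent adversarial testing framework for AI chatbots and agentic
+systems. Orchestrates specialized security agents to find vulnerabilities
+in conversational AI through prompt injection, social engineering,
+encoding attacks, RAG poisoning, tool exploitation, and MCP protocol abuse.
+
+---
+
+## Install
+
+```bash
+pip install penbot # Core: CLI + REST API testing
+pip install penbot[full] # Adds dashboard, Playwright, PDF/DOCX reports
+pip install penbot[ml] # Adds embedding-based attack memory
+```
+
+From source:
+
+```bash
+git clone https://gitlab.com/yan-ban/penbot.git
+cd penbot
+pip install -e .
+```
+
+Docker:
+
+```bash
+docker pull registry.gitlab.com/yan-ban/penbot:latest
+```
+
+---
+
+## Run
+
+```bash
+penbot onboard # First-run setup
+penbot wizard # Configure a target
+penbot test --config configs/clients/target.yaml
+penbot doctor # Verify environment
+```
+
+Dashboard:
+
+```bash
+penbot dashboard # http://localhost:8000/dashboard
+```
+
+---
+
+## CLI
+
+```
+penbot onboard First-run setup
+penbot doctor Environment health check
+penbot wizard Configure new target
+penbot test Run security test
+penbot dashboard Start Mission Control
+penbot sessions Manage past sessions
+penbot agents Browse agents
+penbot patterns Search attack library
+penbot report Generate report
+penbot benchmark Score detection against mock chatbots
+penbot watch Continuous testing
+```
+
+See [CLI Reference](docs/CLI_REFERENCE.md).
+
+---
+
+## Features
+
+- **14 specialized agents** — jailbreak, encoding, social engineering, RAG, tool exploitation, MCP exploit, exfiltration, indirect injection, action safety, compliance, and more
+- **1,398+ attack patterns** across 27 curated libraries (including 20 MCP protocol-attack patterns)
+- **22 vulnerability detectors** — two-layer detection (pattern + LLM) with finding chaining and guardrail fingerprinting
+- **OWASP LLM Top 10 (2025) + Agentic Top 10 (2026)** coverage, including ASI02 and ASI04
+- **Model Context Protocol (MCP) testing** — tool-description poisoning, resource URI traversal, list_changed bait-and-switch, cross-server pivots, sampling API abuse
+- **Multi-agent coordination** — voting, hybrid attack composition, domain-aware campaign planning
+- **Persistence verification** — post-test replay confirms findings are reproducible
+- **Endpoint reconnaissance** — two-phase API surface mapping with framework detection
+- **Evolutionary generation** — novel attacks via genetic algorithms with semantic retrieval (sentence-transformers + FAISS)
+- **Web dashboard** — live Mission Control, session replay, OWASP report, real-time WebSocket streaming
+- **Regression testing and purple-team mode** for CI-friendly defense validation
+
+---
+
+## Technology
+
+- **LangGraph** — multi-agent workflow orchestration
+- **Claude Sonnet 4.5** — attack generation
+- **FastAPI** — API + WebSocket server (requires `penbot[full]`)
+- **Playwright** — browser automation (requires `penbot[full]`)
+- **SQLite** — session persistence
+
+### Install Extras
+
+| Extra | Command | What it adds |
+|-------|---------|-------------|
+| Core | `pip install penbot` | CLI, REST API testing, security agents, attack pattern libraries |
+| Full | `pip install penbot[full]` | Dashboard, Playwright, PDF/DOCX reports, OpenAI provider, Tavily recon |
+| Recon | `pip install penbot[recon]` | Tavily web search for target reconnaissance |
+| Think | `pip install penbot[think]` | MCP-based enhanced reasoning |
+| ML | `pip install penbot[ml]` | Embedding-based attack memory (sentence-transformers, FAISS) |
+| ML-Viz | `pip install penbot[ml-viz]` | ML + scikit-learn & matplotlib for notebooks |
+
+---
+
+## Documentation
+
+| Document | Description |
+|----------|-------------|
+| [Developer Guide](docs/DEVELOPER_GUIDE.md) | How PenBot works under the hood |
+| [Architecture](docs/ARCHITECTURE.md) | System design and diagrams |
+| [Methodology](docs/METHODOLOGY.md) | Attack strategies |
+| [Configuration](docs/CONFIGURATION.md) | YAML and environment setup |
+| [CLI Reference](docs/CLI_REFERENCE.md) | Command-line usage |
+| [API Reference](docs/API_REFERENCE.md) | REST and WebSocket |
+| [Agents](docs/AGENTS.md) | Agent system details |
+| [Detection](docs/DETECTION.md) | Vulnerability detectors |
+| [Advanced](docs/ADVANCED.md) | RAG, tools, evolutionary |
+| [OWASP Coverage](docs/OWASP_COVERAGE.md) | Compliance mapping |
+| [Test Example](docs/TEST_EXAMPLE.md) | Test walkthrough |
+
+---
+
+## Responsible Use
+
+This tool is for authorized security testing only.
+
+Permitted: testing your own systems, security research with written
+permission, contracted red team engagements, pre-deployment validation.
+
+Prohibited: testing without authorization, attacking production systems
+maliciously, extracting proprietary data.
+
+Built-in safeguards include authorization verification, a blocklist for
+public AI services, rate limiting, and audit logging.
+
+---
+
+## Project Status
+
+| Aspect | Status |
+|--------|--------|
+| Development | Under active development |
+| Tests | 1,542 passing |
+| Skipped | 11 (optional deps) |
+| Docker | Multi-stage build |
+
+---
+
+## References
+
+- [OWASP Top 10 for LLM Applications (2025)](https://genai.owasp.org/llm-top-10/)
+- [OWASP Top 10 for Agentic Applications (2026)](https://genai.owasp.org/resource/owasp-top-10-for-agentic-applications-for-2026/)
+- Kumar et al. (2024). *AmpleGCG-Plus.* [arXiv:2410.22143](https://arxiv.org/abs/2410.22143)
+- Zhang et al. (2025). *Verbalized Sampling.* [arXiv:2510.01171](https://arxiv.org/abs/2510.01171)
+- *Hiding in the AI Traffic: Abusing MCP for LLM-Powered Agentic Red Teaming.* [arXiv:2511.15998](https://arxiv.org/abs/2511.15998)
+
+---
+
+## Acknowledgments
+
+- [Elder Plinius / L1B3RT4S](https://github.com/elder-plinius) — jailbreak pattern research
+- [Manus AI](https://manus.im) — context engineering principles
+- [LangChain](https://github.com/langchain-ai/langgraph) — LangGraph framework
+- [Anthropic](https://anthropic.com)
+- [OWASP](https://owasp.org) — LLM Top 10 framework
+
+---
+
+## License
+
+MIT — see [LICENSE](LICENSE).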