Initial commit

.github/workflows/ci.yml

@@ -0,0 +1,48 @@
+name: CI Pipeline
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "**" ]
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.11
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.11'
+
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e .[dev]  # Install package in editable mode with dev dependencies
+
+      - name: Run tests
+        run: |
+          pytest
+
+  build-package:
+    needs: build-and-test
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.11
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.11'
+
+      - name: Build package using script
+        run: |
+          chmod +x ./build_package.sh
+          ./build_package.sh
+

.github/workflows/release.yml

@@ -0,0 +1,32 @@
+name: Release to GitHub
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.11'
+
+    - name: Clean up old distribution
+      run: bash clean_package.sh
+
+    - name: Build distribution
+      run: bash build_package.sh
+
+    - name: Create GitHub Release
+      uses: softprops/action-gh-release@v1
+      with:
+        files: dist/*
+        name: Release ${{ github.ref_name }} of ${{ github.repository }}
+        body: This is the release of ${{ github.repository }} for version ${{ github.ref_name }}
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,8 @@
+venv
+.env
+__pycache__
+*.egg-info/
+psfuzz.log
+.pytest_cache
+build/
+dist/

CONTRIBUTING.md

@@ -0,0 +1,142 @@
+# Contributing to PS_Fuzz
+
+Thank you for your interest in contributing to PS_Fuzz! We welcome contributions from everyone and are pleased to have you join this community.
+This document provides guidelines and instructions for contributing to this project.
+
+## Code of Conduct
+
+The PS_Fuzz project adheres to a code of conduct that you can read at [Code of Conduct](LINK_TO_CODE_OF_CONDUCT).
+By participating in this project, you agree to abide by its terms.
+
+## Getting Started
+
+### Prerequisites
+
+Before you begin, ensure you have the following installed:
+- Python 3.7 or later
+- Git
+
+### Setting Up Your Development Environment
+
+1. **Fork the Repository**: Start by forking the repository on GitHub.
+
+2. **Clone Your Fork**:
+```bash
+git clone https://github.com/yourusername/ps_fuzz.git
+cd ps_fuzz
+```
+
+### Set up a virtual environment
+
+```bash
+python -m venv venv
+source venv/bin/activate  # On Unix or macOS
+venv\Scripts\activate     # On Windows
+```
+
+### Install dependencies
+
+Install the project dependencies in editable mode (with the '-e' argument).
+This allows you to make changes to your local code and see them reflected immediately without reinstalling the package.
+
+```bash
+pip install -e .[dev]
+```
+
+### Run tests
+
+```bash
+pytest
+```
+
+### Prepare environment variables and API keys
+
+In order for the tool to do something useful, you should give it your API keys for the LLM services it will access.
+By default, the tool uses OpenAI (api.openai.com) service. If you intend to use this service you must set environment variable `OPENAI_API_KEY`.
+You can do it in one of two ways:
+1. Directly
+```bash
+export OPENAI_API_KEY=sk-....
+```
+
+2. By creating a file named `.env` in current directory, with a content like this:
+```
+OPENAI_API_KEY=sk-....
+```
+The tool would automatically recognize that the file is present and will try to load the environment variables (including your API key) from it.
+
+### Running the Tool
+
+To run the ps_fuzz tool from your development environment, you can use the command-line interface set up in the project.
+Since the package is installed in editable mode, you can run the tool directly from the source code without needing a separate installation step for testing changes.
+
+To execute the tool, use the following command:
+```bash
+ps_fuzz --help
+```
+
+or alternatively:
+```bash
+python -m ps_fuzz --help
+```
+
+## Making Changes
+
+1. Always create a new side-branch for your work.
+```bash
+git checkout -b your-branch-name
+```
+
+2. Make your changes to the code and add or modify unit tests as necessary.
+
+3. Run tests again
+
+Ensure all tests pass after your changes.
+```bash
+pytest
+```
+
+4. Commit Your Changes
+
+Keep your commits as small and focused as possible and include meaningful commit messages.
+```bash
+git add .
+git commit -m "Add a brief description of your change"
+```
+
+5. Push the changes you did to GitHub
+```bash
+git push origin your-branch-name
+```
+
+## Submitting a pull request
+
+1. Update your branch
+
+Fetch any new changes from the base branch and rebase your branch.
+```bash
+git fetch origin
+git rebase origin/main
+```
+
+2. Submit a Pull Request
+
+Go to GitHub and submit a pull request from your branch to the project main branch.
+
+
+3. Request Reviews
+
+Request reviews from other contributors listed as maintainers. If you receive a feedback - make any necessary changes and push them.
+
+4. Merge
+
+Once your pull request is approved, it will be merged into the main branch.
+
+## Additional Resources
+
+Here are some helpful resources to get you started with best practices for contributing to open-source projects and understanding the workflow:
+
+- [GitHub Flow](https://guides.github.com/introduction/flow/) - An introduction to the GitHub workflow, which explains branches, pull requests, and more.
+- [Writing Good Commit Messages](https://chris.beams.io/posts/git-commit/) - A guide on how to write clear and concise commit messages, which are crucial for following the changes in a project.
+- [Python Coding Style](https://pep8.org/) - Guidelines for writing clean and understandable Python code.
+

README.md

@@ -0,0 +1,113 @@
+<div align="center">
+
+
+# Prompt Security Fuzzer
+
+### **Test the resilience of your System Prompt x LLM**
+
+The tool is designed to test various security risks in the system prompt of your GenAI applications.
+<br><br>Brought to you by Prompt Security, the Singular Platform for GenAI Security
+
+<img src="https://assets-global.website-files.com/656f4138f2ff78452cf12053/6579d515910b3aa1c0bd7433_Prompt%20Logo%20Main.svg">
+
+
+
+[Models](#llm-models) •
+[LLM Providers](#llm-providers) •
+[Features](#features) •
+[Usage](#usage) •
+[Example](#example) •
+[The Company](https://prompt.security/)
+
+[![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+[![Documentation Status](https://readthedocs.org/projects/prompt-security/badge/?version=latest)](http://prompt-security-fuzzer.readthedocs.io/en/latest/?badge=latest)
+
+[![PyPI](https://badge.fury.io/py/prompt-security.svg)](https://badge.fury.io/py/prompt-security)
+![Python package](https://github.com/prompt-security/ps-fuzz/actions/workflows/tests.yml/badge.svg)
+
+</div>
+
+## What is the Prompt Fuzzer?
+
+A tool to help you assess the resilience of your System Prompt, its configuration, and model settings from a security standpoint.
+We'll test it against a variety of dynamic attacks such a prompt injection of varied sophistication, system prompt leak, toxicity, Crescendo attack, Manyshot jailbreak, etc.
+At the end you'll receive a final assessment score.
+
+## Get started
+1. Download the Prompt Fuzzer
+2. Input your system prompt
+3. Configure the Target LLM Provider + LLM Model name (i.e. the one your GenAI app is using). The default is OpenAI provider and "gpt-3.5-turbo" model.
+4. Start testing
+5. (Optional) If you'd like to have a more interactive experience, you can ask the questions yourself in the simulator or test attacks of your own
+
+
+## <a href = https://www.prompt.security/> Learn more about the Prompt Fuzzer and Prompt Security </a>
+
+
+
+<a id="llm-models"></a>
+## Supported LLM Models
+
+TODO: list models we support through various providers
+
+<a id="llm-providers"></a>
+## Supported LLM Providers
+We're fully LLM agnostic.
+
+
+
+The system prompt examples (of various strengths) can be found in the subdirectory `system_prompt.examples`
+
+To set up the OpenAI key, you should set an environment variable named `OPENAI_API_KEY` and set it to your OpenAI API key.
+An easy way to add the key permanently is to create a file named '.env' in the current directory and set the `OPENAI_API_KEY` there.
+
+<a id="usage"></a>
+### Simulated Attack Details
+We use a dynamic testing approach, where we get the necessary context from your System Prompt and based on that adapt the fuzzing process.
+
+
+
+<a id="usage"></a>
+### Usage
+
+```
+usage: psfuzz.py [-h] [-l] [--attack-provider ATTACK_PROVIDER] [--attack-model ATTACK_MODEL]
+                 [--target-provider TARGET_PROVIDER] [--target-model TARGET_MODEL] [-n NUM_ATTACKS]
+                 [-d DEBUG_LEVEL] [-i]
+                 [system_prompt_file]
+
+Prompt Security LLM Prompt Injection Fuzzer
+
+positional arguments:
+  system_prompt_file    Filename containing the system prompt. A special value of '-' means read from stdin.
+
+options:
+  -h, --help            show this help message and exit
+  -l, --list-providers  List available providers and exit
+  --attack-provider ATTACK_PROVIDER
+                        Attack provider (default: 'open_ai')
+  --attack-model ATTACK_MODEL
+                        Attack model (default: 'gpt-3.5-turbo')
+  --target-provider TARGET_PROVIDER
+                        Target provider (default: 'open_ai')
+  --target-model TARGET_MODEL
+                        Model (default: 'gpt-3.5-turbo')
+  -n NUM_ATTACKS, --num-attacks NUM_ATTACKS
+                        Number of different attack prompts to generate for each test (default=3)
+  -d DEBUG_LEVEL, --debug-level DEBUG_LEVEL
+                        Debug level: 0=only see warnings and errors, 1=info (default), 2=debug/trace
+  -i, --interactive-chat
+                        Run interactive chat instead of the fuzzer. This allows you to chat with the chatbot manually, with the given system prompt in place
+```
+
+<a id="usage"></a>
+### Example
+Run tests against the system prompt:
+```
+psfuzz.py ./system_prompt.examples/medium_system_prompt.txt
+```
+
+Run interactive chat with system prompt:
+```
+psfuzz.py -i ./system_prompt.examples/medium_system_prompt.txt
+```

build_package.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+set -e # Exit immediately in case of error, do not ignore errors
+
+echo "Installing required Python packaging tools ..."
+python -m pip install --upgrade pip setuptools wheel
+
+echo "Cleaning up previous builds..."
+rm -rf build/ dist/ *.egg-info
+
+echo "Building the package..."
+python setup.py sdist bdist_wheel
+
+echo "Build output:"
+ls dist
+
+# Optional Step 5: Install the package locally for testing
+# Uncomment the line below to enable installation after build
+# pip install dist/*.whl
+
+echo "Package built successfully."

clean_package.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+echo "Removing build artifacts (if any) ..."
+rm -rf build/ dist/ *.egg-info

ps_fuzz/__main__.py

@@ -0,0 +1,5 @@
+# src/ps_fuzz/__main__.py
+from .cli import main
+
+if __name__ == "__main__":
+    main()

ps_fuzz/attack_config.py

@@ -0,0 +1,6 @@
+from .client_config import ClientConfig
+
+class AttackConfig(object):
+    def __init__(self, attack_client: ClientConfig, attack_prompts_count: int):
+        self.attack_client = attack_client
+        self.attack_prompts_count = attack_prompts_count