pyrit.orchestrator.XPIATestOrchestrator

pyrit.orchestrator.XPIATestOrchestrator#

class XPIATestOrchestrator(*, attack_content: str, processing_prompt: str, processing_target: PromptTarget, attack_setup_target: PromptTarget, scorer: Scorer, prompt_converters: list[PromptConverter] | None = None, verbose: bool = False, attack_setup_target_conversation_id: str | None = None)[source]#

Bases: XPIAOrchestrator

__init__(*, attack_content: str, processing_prompt: str, processing_target: PromptTarget, attack_setup_target: PromptTarget, scorer: Scorer, prompt_converters: list[PromptConverter] | None = None, verbose: bool = False, attack_setup_target_conversation_id: str | None = None) None[source]#

Creates an orchestrator to set up a cross-domain prompt injection attack (XPIA) on a processing target.

The attack_setup_target creates the attack prompt using the attack_content, applies converters (if any), and puts it into the attack location. The processing_target processes the processing_prompt which should include a reference to the attack prompt to allow it to retrieve the attack prompt. The scorer scores the processing response to determine the success of the attack.

Parameters:

  • attack_content – The content to attack the processing target with, e.g., a jailbreak.

  • processing_prompt – The prompt to send to the processing target. This should include placeholders to invoke plugins (if any).

  • processing_target – The target of the attack which processes the processing prompt.

  • attack_setup_target – The target that generates the attack prompt and gets it into the attack location.

  • scorer – The scorer to use to score the processing response.

  • prompt_converters – The converters to apply to the attack content before sending it to the prompt target.

  • verbose – Whether to print debug information.

  • attack_setup_target_conversation_id – The conversation ID to use for the prompt target. If not provided, a new one will be generated.

Methods

__init__(*, attack_content, ...[, ...])

Creates an orchestrator to set up a cross-domain prompt injection attack (XPIA) on a processing target.

dispose_db_engine()

Dispose database engine to release database connections and resources.

execute_async()

Executes the entire XPIA operation.

get_identifier()

get_memory()

Retrieves the memory associated with this orchestrator.

get_score_memory()

Retrieves the scores of the PromptRequestPieces associated with this orchestrator.