FEAT: Adding SeedAttackTechniqueGroup #1373
Pull request overview
This pull request adds support for distinguishing general attack techniques from specific objectives by introducing an is_general_strategy property to seed classes. This enables PyRIT to identify and group reusable attack techniques like jailbreaks and simulated conversations that can be applied across multiple objectives.
Changes:
- Added `is_general_strategy` boolean property to the base `Seed` class (defaults to False)
- Created new `SeedAttackTechniqueGroup` class to validate and group seeds that are general strategies
- Updated `SeedSimulatedConversation` to default `is_general_strategy` to True
- Updated `SeedObjective` to enforce that objectives cannot be general strategies
- Updated all 150+ jailbreak template YAML files to include `is_general_strategy: true`
- Added comprehensive unit tests for the new functionality
Reviewed changes
Copilot reviewed 175 out of 175 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| pyrit/models/seeds/seed.py | Added is_general_strategy property to base Seed class |
| pyrit/models/seeds/seed_objective.py | Added validation to prevent objectives from being general strategies |
| pyrit/models/seeds/seed_simulated_conversation.py | Set default is_general_strategy=True for simulated conversations |
| pyrit/models/seeds/seed_attack_technique_group.py | New class to validate all seeds in group are general strategies |
| pyrit/models/seeds/__init__.py | Exported new SeedAttackTechniqueGroup class |
| pyrit/models/__init__.py | Exported new SeedAttackTechniqueGroup class |
| pyrit/datasets/jailbreak/text_jailbreak.py | Set is_general_strategy=True for string templates |
| pyrit/datasets/jailbreak/templates/*.yaml | Added is_general_strategy: true to all jailbreak templates |
| tests/unit/models/test_seed_attack_technique_group.py | Comprehensive tests for new functionality |
| tests/unit/datasets/test_jailbreak_text.py | Test to validate all jailbreak templates have the property set |
| doc/api.rst | Added API documentation reference |
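The flag rules listed in the overview above, as an added sketch that is not PyRIT's code: the class names come from the pull request, while the `value` field, the `split_seeds` and `rejected` helpers and the sample strings are assumptions made for illustration.

```python
# Simplified stand-ins for classes named in the PR; not PyRIT's implementation.
from dataclasses import dataclass


@dataclass
class Seed:
    value: str  # hypothetical field for the prompt or template text
    is_general_strategy: bool = False  # base default stated in the PR


@dataclass
class SeedSimulatedConversation(Seed):
    is_general_strategy: bool = True  # simulated conversations default to True


@dataclass
class SeedObjective(Seed):
    def __post_init__(self):
        # An objective is a specific goal, so it may never carry the flag.
        if self.is_general_strategy:
            raise ValueError("SeedObjective cannot be a general strategy")


@dataclass
class SeedAttackTechniqueGroup:  # every member must be a general strategy
    seeds: list

    def __post_init__(self):
        bad = [s.value for s in self.seeds if not s.is_general_strategy]
        if bad:
            raise ValueError(f"not general strategies: {bad}")


def split_seeds(seeds):
    """Partition a mixed dataset into (technique group, objective-specific seeds)."""
    general = [s for s in seeds if s.is_general_strategy]
    specific = [s for s in seeds if not s.is_general_strategy]
    return SeedAttackTechniqueGroup(seeds=general), specific


def rejected(factory):  # True when building the object raises ValueError
    try:
        factory()
        return False
    except ValueError:
        return True


# Constructed sample: placeholder strings only.
SAMPLE = [Seed("<template>", True), SeedSimulatedConversation("<conversation>"), SeedObjective("<objective>")]
```

Validating at construction time means a mislabelled seed fails when the dataset is loaded rather than later, when results are aggregated per technique.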
Is the purpose of the is_general_strategy to group seeds together in an attack technique group? If so, I'd be in favor of renaming to is_general_technique because I think strategy conflates the flag with scenarios.
One problem we want to tackle is to identify unique attack techniques. As we are currently architected, this consists of two parts
`AttackIdentifier`: This includes the attack, converters, targets, scorers, etc. These are the factors we want to include when we calculate how successful an attack is. But a gap we have is the datasets.
This PR includes a way to distinguish general datasets with the `is_general_strategy`. To start, simulated conversations and jailbreaks will have this by default, others will not.
In a future PR, we'll introduce an `AtomicAttackIdentifier` to uniquely identify these.